Board Beginners & Help
Merits 1 from 1 user
Re: Crocodilus malware
by
Forsyth Jones
on 31/03/2025, 20:40:38 UTC
⭐ Merited by Mia Chloe (1)
Before I even read through the entire post, the first thing that popped up in my mind was that this could be another form of modded keylogger malware, and it turned out to be true. I have a friend into cyber security and some time ago he showed me how these keyloggers work.
...

Many users install unnecessary apps such as document scanners, and many applications such as flashlights come pre-installed, which is why many laymen accidentally infect themselves by installing any apps they see. The same goes for apps that change the appearance of the keyboard, most of which come with built-in malware.

And what's more, a virtual keyboard doesn't reduce the risk, since it captures screen captures and even OTP data of auth apps.


It is very scary if we become victims of this malware. It is said that the malware asks for access to be enabled and once given permission it will be able to monitor and control our devices by targeting existing applications to steal. Therefore I think we need to be aware to be careful about giving any access to our devices, and besides that I think there needs to be additional security for our devices by installing several antivirus applications that are certainly trusted and really often update against threats, so that it can prevent us from unwanted attacks.
Exactly, you need to be careful with permissions, like, why would a keyboard app ask for permission from your contact list?

I don't have any antivirus installed; nowadays they are a waste of time and malware is increasingly advancing to avoid being detected by paid AV.

If you follow good security practices, install apps from the platform's official stores, verify the source of the app and don't execute any data sent by third parties via messengers, I'm sure you'll be fine.

Even so, it's important to keep the minimum amount of ₿/Crypto in mobile wallets, since there is silent malware that may already be in possession of the user's wallet and just waiting for the right moment to drain all the funds at once. Therefore, store your seed phrase offline in a safe place, create a strong enough password/PIN and leave most of the funds in a hardware wallet or on an air-gapped device.
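
Added example, not part of the original post: a Python script that reads a decoded AndroidManifest.xml and flags a keyboard app requesting permissions unrelated to typing (the contact-list case above), plus any app that declares an accessibility service. The function name, the list of "unrelated" permissions and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Permissions a keyboard has no obvious need for (illustrative list, an assumption).
UNRELATED_TO_KEYBOARD = {
    "android.permission.READ_CONTACTS",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
}
IME_BIND = "android.permission.BIND_INPUT_METHOD"
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"

def audit_manifest(xml_text):
    """Return a list of findings for one decoded AndroidManifest.xml (hypothetical helper)."""
    root = ET.fromstring(xml_text)
    requested = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    # A service guarded by BIND_INPUT_METHOD is a keyboard; BIND_ACCESSIBILITY_SERVICE
    # marks an accessibility service, the access the quoted post says is requested.
    bound = {s.get(ANDROID + "permission") for s in root.iter("service")}
    findings = []
    if IME_BIND in bound:
        for perm in sorted(requested & UNRELATED_TO_KEYBOARD):
            findings.append("keyboard app requests " + perm)
    if A11Y_BIND in bound:
        findings.append("declares an accessibility service")
    return findings

# Constructed sample manifests (not taken from any real app).
SAMPLE_KEYBOARD = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="example.keyboard.theme">
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".Ime" android:permission="android.permission.BIND_INPUT_METHOD"/>
    <service android:name=".Helper" android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""

SAMPLE_FLASHLIGHT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <application/>
</manifest>"""

if __name__ == "__main__":
    for name, xml_text in [("keyboard", SAMPLE_KEYBOARD), ("flashlight", SAMPLE_FLASHLIGHT)]:
        print(name, audit_manifest(xml_text) or "no findings")
```

A finding here is a prompt to look closer before granting access, not proof of malware; legitimate apps also declare accessibility services.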