Could the advertising SDK you use be so easily hacked?

Many developers around the world rely on an advertising SDK to monetise their free applications; but do you consider they could be used for malicious purposes? BitDefender researchers have already clocked an SDK which asks for far more permissions than required…
The Widdit SDK, on Android, asks for a whole host of permissions including the ability to “record audio”, “read your text messages”, and “read phone status”.
Bogdan Botezatu, Senior E-Threat Analyst at...