Take a look at this interview where the owner of a security company stated that if a user turns on the flashlight app on the phone it makes them susceptible to their phone content being hacked.
The maker of the most popular flashlight app, Brightest Flashlight, in the Google Play (Android) store was caught stealing people’s geolocation data and selling it to advertisers, went under FTC investigation, and was forced to settle over the issue. The app’s creators weren’t sharing user data with an enemy of the state or cybercriminals, they were sharing it with advertisers for ad purposes.
Playing it safe
If the app is several megabytes (just to turn the light on and off) you might be looking at malware. Also, check the permissions for the apps you install – if they want access to your location for a flashlight app, you should probably choose another flashlight.
Tony S. from Ottawa, Ontario