Swiftkey as malware?

Today avast mobile for Android (free version) identified SwiftKey on my wife’s phone as having a trojan (Android.kielog). She went ahead and uninstalled SwiftKey, so I haven’t been able to find any details about what was detected, what version was running, when it was last updated, etc. – are there some hidden/detailed log files somewhere I can view?

I did some searching and found info about a pirated version of SwiftKey potentially having a keylogger, but I don’t see how that would be the case for us. She originally installed the SwiftKey app from the Amazon AppStore and has never installed any APK’s directly (no pirated apps, shady app stores, etc.). She uses only Google Play Store and Amazon AppStore.

I have also installed both avast and SwiftKey on my Android phone, and it’s not finding any issues, so it seems less likely to be a false positive than I first assumed. I’d like to learn more about the malware that was potentially on her phone, is anyone else coming across this issue with SwiftKey?

Do you have PUP set on?

Yes, PUP is on but it’s enabled on both phones and only my wife’s SwiftKey brought up any warning.

Is it expected for SwiftKey to be detected as a PUP?

I did not receive any warning…

Which version it is? PUP is detected for many reasons, but SwiftKey should not be recognized as a PUP until they changed something…

How do I check the version now that it was uninstalled? I can’t find any logs in avast that provide any details. I expect it was a relatively old version since my wife doesn’t pay much attention to app updates.

Well, until then I can not help you more. I suppose that the new version is not detected anymore.

So… there’s no logging functionality or other saved information within Avast about what it detected in the SwiftKey app and why it was recommended for deletion? There’s no way to determine even the name of the file deleted or its version number?

Currently, there is not.

Filip