Hackers are using a fake Android app named ‘SafeChat’ to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
The Android spyware is suspected to be a variant of “Coverlm,” which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
You install the app, by doing so you give the app permisions.
There is no system permission I’m aware of that will give other applications access to Signal which is an app made to be secure with at least a PIN code for accessing it.