The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS).
https://github.com/edwardz246003/misc/blob/master/Bitpie.md
https://github.com/edwardz246003/misc/blob/master/Bitpie%20CVE-2018-10812..md