Security is obviously the number one priority. Although we are all trying to protect our personal data as much as possible, it's still not effective enough.
Here's a little info from Arxan Technologies showing us that 70% of Apple apps have been in some way hacked and 95% of apps have been hacked on Android.
The question stays, is really hacking & modifying (or injecting a malicious code) an app that easy?
Let's have a look.
Here's another quick video showing the decompilation of an application using the dex2jar and JD-GUI which shows the source code of the decompiled app.
You can use the same thing using Show Java on Android, download on Google Play
The code gets changed, app compiled and released to the public. You can't spot the difference as the app is behaving normally but your personal data may get stolen.
These threads may be everywhere, for example if you like to download paid apps for free on the web (APK file), these also may be modified.