I found a malicious Android app that used virtualization to install hidden apps to commit ad fraud in the background without the user's knowledge, using an open-source library found on GitHub:
Now imagine if a social media app was installed (or even a banking app) into this virtual space...
The app would appear as coming from the user's device and could bypass weak 2FA that uses the IMEI or other device identifiers.
I assume one could also use Google sync functions to transfer contacts or other data into a virtualized app running in this virtualized space too.
As the documentation says, it's only limited by your imagination.