It would appear Android users are having quite the year as new discoveries of malicious apps are being made on a regular basis. Cybersecurity experts are warning of a new app that can intercept your login credentials from banking apps and could even read your text messages. And the worst part is that this app is difficult to delete.
Discover our latest podcast
Todo: Day manager
The malicious program targeting banking information, is hidden in an app called Todo: Day Manager, which is available on the Google Play Store, researchers at Zscaler ThreatLabz have said. As far back as February this year, industry watchers raised the alarm that the bug was being developed and had at least 50 European banks on its target list. Apart from this latest app, the bug had been attached to other similarly innocuous applications and has been installed on numerous Android devices.
It operates by hijacking login credentials from banking apps and because it can also decipher SMS messages, it is possible for it to intercept your two-factor verification codes, typically sent via text or through your banking app. According to cyber experts at Zscaler:
It starts with asking users to enable access permission. Once provided, it adds itself as a device admin and prevents users from disabling Device Admin, making it uninstallable from the phone.
Cautious downloads
Depending on the permissions you have to the app, you may have to back up your files and clean your device through factory-reset to get rid of it. Cyber expert Chris Hauk who is Consumer Privacy Advocate at Pixel Privacy is quoted by the Mirror as giving this advice on how to avoid sneaky apps:
Look at the apps' icons: fake apps almost always use the icon from the app they're faking. Be suspicious of apps using the same icons. Investigate them closely to find out which is the genuine app.
Also, keep an eye out for the name of the developer, number of downloads (a few hundred or thousand downloads, that's a good clue that the app is a rogue app), and its description and screenshots (especially grammar mistakes or broken English are dead giveaways of a malicious app), Hauk added.
Sources used:
Mirror: All Android users warned to delete app right now - it steals your banking login
PC Risk: Removing Xenomorph banking malware from your Android device
Bleeping Computer: New Xenomorph Android malware targets customers of 56 banks