nelsonebo

Half Mag / Half Zine

Android phone owners are being warned about a dangerous app that steals your banking login.

According to cyber-experts, you must check your phone straight away, to check you haven’t been infiltrated.

The app, which is called Todo: Day Manager, implements a banking trojan malware called Xenomorph, researchers at Zscaler ThreatLabz have said.

This can hijack your login information from banking apps, and might even be able to decipher your SMS messages.

In turn, this means the app can intercept your two-factor verification codes, which are typically sent via text, as well as your bank account.

A cyber-expert told The Sun: “This is the latest in a disturbing string of hidden malware in the Google Play store.”

In further bad news, the Android app actually makes itself intentionally difficult to delete.

Cyber-experts say that you need to search your phone straight away and uninstall it.

“Our analysis found that the Xenomorph banking malware is dropped from GitHub as a fake Google Service application upon installation of the app,” said the Zscaler cyber-experts.

“It starts with asking users to enable access permission.

“Once provided, it adds itself as a device admin and prevents users from disabling Device Admin, making it uninstallable from the phone.”

If you don’t have permissions to the app then you should be able to uninstall it safely.

Otherwise, you may need to back up your files and then factory-reset your phone to clear the app completely.

Cyber expert Chris Hauk offered further advice on avoiding faulty Android Apps.

Chris, works as a Consumer Privacy Advocate at Pixel Privacy, and said: “When searching for an app in the Google Play Store, pay close attention to the search results.

“Look at the apps’ icons: fake apps almost always use the icon from the app they’re faking. Be suspicious of apps using the same icons. Investigate them closely to find out which is the genuine app.

“Look at the developer’s name. For instance, we know the WhatsApp Messenger app is offered by WhatsApp LLC. The rogue app could show the developer’s name as ‘Big Bill Johnson LLC,’ indicating that something is wrong.

“Look at the app’s download count. If you’re looking at the WhatsApp app, it should have billions of downloads. If the app has just a few hundred or thousand downloads, that’s a good clue that the app is a rogue app.

“Look at the app’s description and screenshots. The description may contain multiple spelling or grammar mistakes, or otherwise broken English.”

Chris added: “Also, make use of Google Play Protect. Google Play Protect analyses potentially bogus and harmful apps before you download them, and also regularly scans your apps for malware and will alert you to uninstall rogue apps.”