Android device owners are warned about a malicious app that may access personal banking information.
Cyber experts are warning that the seemingly innocent to-do list application known as Todo: Day Manage could steal your banking login.
Her advice: immediately check your phone to make sure it’s not installed.
Watch the latest news on Channel 7 or stream for free on 7plus >>
According to researchers at Zscaler ThreatLabz, the app installs a banking Trojan malware called Xenomorph.
This malware is designed to hijack your credentials from your banking apps.
It can even read your text messages, researchers say.
It can also allow the app to intercept your two-factor verification codes.
“This is the latest in a worrying line of hidden malware on the Google Play Store,” warn Zscaler’s cyber experts.
The Android app is also intentionally making itself difficult to erase, the experts added.
“Our analysis revealed that installing the app from GitHub deletes the Xenomorph banking malware as a fake Google service application,” Zscaler experts said.
“It starts by prompting users to enable access permission.
“Once deployed, it adds itself as a device admin and prevents users from disabling the device admin, making it uninstallable from the phone.”
If a user has not granted permission to the application, it can be safely uninstalled.
The alternative is to back up files and factory reset your phone to completely delete the app.
https://7news.com.au/technology/urgent-warning-for-android-owners-over-one-malicious-app-c-8874122 Google Play Apps: The one Android app asked by millions to delete immediately