Jump directly to the content
BANK ON IT

All Android users warned to delete app right now – it steals your banking login

ANDROID phone owners are being warned over a dangerous app that steals your banking login.

You need to check your phone immediately to make sure it's not installed, cyber-experts say.

The Todo Day Manager app has been flagged as dangerous by cyber-experts
1
The Todo Day Manager app has been flagged as dangerous by cyber-expertsCredit: Google / Zscaler

The app is called Todo: Day Manager, and has been slammed by security specialists.

It installs a banking trojan malware called Xenomorph, according to researchers at .

This can hijack your login info from banking apps, and can even read your SMS messages.

That allows the app to intercept your two-factor verification codes (typically delivered over text) to raid your logins – and bank account.

Read More on The Sun

PARKED OFF

I use bags of rubble to stop neighbours taking my parking space – they hate it

"This is the latest in a disturbing string of hidden malware in the Google Play store," the cyber-experts warned.

Worse still, the Android app makes itself intentionally difficult to delete.

You need to search your phone for it immediately and uninstall it, cyber-experts say.

"Our analysis found that the Xenomorph banking malware is dropped from GitHub as a fake Google Service application upon installation of the app," said the Zscaler cyber-experts.

Most read in Tech

Terrifying clip shows what it’s like to be EATEN by a shark
JAWSOME!

Terrifying clip shows what it’s like to be EATEN by a shark

World’s saddest dolphin recorded crying in empty ocean as he’s so lonely
DOLPHIN’S TEARS

World’s saddest dolphin recorded crying in empty ocean as he’s so lonely

Google exec shares 'magic' Android time-saver tip – it even helps you dress better
SO GOOG

Google exec shares 'magic' Android time-saver tip – it even helps you dress better

Major free WhatsApp upgrade makes voice note chats WAY easier when it's noisy
'APPY DAYS!

Major free WhatsApp upgrade makes voice note chats WAY easier when it's noisy

"It starts with asking users to enable access permission.

"Once provided, it adds itself as a device admin and prevents users from disabling Device Admin, making it uninstallable from the phone."

If you haven't given permissions to the app then you should be able to uninstall it safely.

Otherwise, you may have to back up your files and then factory-reset your phone to clear the app completely.

Advice on staying safe

We spoke to cyber-expert Chris Hauk, who offered some tips for avoiding dodgy Android Apps.

Here's what Chris, who works as a Consumer Privacy Advocate at Pixel Privacy, told ...

"When searching for an app in the Google Play Store, pay close attention to the search results," Chris explained.

"Look at the apps' icons: fake apps almost always use the icon from the app they're faking. Be suspicious of apps using the same icons. Investigate them closely to find out which is the genuine app.

"Look at the developer’s name. For instance, we know the WhatsApp Messenger app is offered by WhatsApp LLC. The rogue app could show the developer's name as 'Big Bill Johnson LLC,' indicating that something is wrong.

"Look at the app's download count. If you're looking at the WhatsApp app, it should have billions of downloads. If the app has just a few hundred or thousand downloads, that's a good clue that the app is a rogue app.

Read more on Android

YOU SHALL NOT PASS

Millions of Android owners warned anyone can bypass your lock screen

HIDE & SEEK

How to hide your online status on WhatsApp for iPhone and Android

"Look at the app's description and screenshots. The description may contain multiple spelling or grammar mistakes, or otherwise broken English."

READ MORE SUN STORIES

DUE SOON

Ashley Cain fans ‘work out baby’s due date’ from clue in emotional baby news post

TO YOUR BENEFIT

Exact date millions will get paid benefits early this Christmas

Chris added: "Also, make use of Google Play Protect. Google Play Protect analyses potentially bogus and harmful apps before you download them, and also regularly scans your apps for malware and will alert you to uninstall rogue apps."

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered...

Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.


We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]

Topics
YOU MIGHT LIKE
RECOMMENDED FOR YOU
MORE FOR YOU