This insidious Android app is stealing banking info — delete it now

News
By published

The Xenomorph trojan does not come in peace

banking trojan on phone illustration
(Image credit: Shutterstock)

After the recent discovery that five Android apps were found to record your screen when banking, another has managed to slip through Google’s anti-malware net, and it works in an equally malicious way.

If you have an App installed on your Android phone called “ToDo: Day Manager” then delete it now. According to leading cloud security company Zscaler and reported on by Laptop Mag, it is one of 50+ apps its Techlabz team have found to be ‘Trojan droppers.'

 How does the Xenomorph Trojan work? 

Despite posing as an innocuous planning app, ToDo: Day Manager installs a particularly nasty trojan known as the Xenomorph. Upon installation, the app, which has over 1,000 downloads asks for extensive permissions in your device and installs itself as an admin, refusing to surrender control. 

Those who accept will likely have had their banking details compromised as this is what it has been found to prioritize (although it also can access your SMS and other messages). The Xenomorph will in fact overlay fake login screens onto your banking apps, stealing your login information.  

Zscaler have found that the Xenomorph trojan is very similar to the Coper banking trojan that surfaced a few months ago with the Techlabz team finding it also “sourced its malware payload from the Github repo.” 

 What can I do to protect myself? 

Thankfully, Google has now removed the app from the Google Play Store, but this is far from the first breach of its security. As users, we must remain savvy to the red flags of suspicious apps. 

A common protective measure is to never allow permissions to an unknown app, especially if it seems irrelevant to the service it offers. Why would a calendar app require access to your camera or messages, for example. 

It can be a pain but using different passwords for each login is a crucial part of cybersecurity and staying safe. We recommend using one of the best password managers and making sure each password is individually strong

It's also worth downloading one of the best Android antivirus apps if you want an extra layer of protection. 

See more Computing News
Andy Sansom

Andy is a freelance writer with a passion for streaming and VPNs. Based in the U.K., he originally cut his teeth at Tom's Guide as a Trainee Writer before moving to cover all things tech and streaming at T3. Outside of work, his passions are movies, football (soccer) and Formula 1. He is also something of an amateur screenwriter having studied creative writing at university.

Read more
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
Green skull on smartphone screen.
Malicious Android apps with 60 million installs bombarding phones with ads and phishing attacks — how to stay safe
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Google Play logo on an android smartphone with corner hole punch camera
At least 5 North Korean spy apps have been found on Google Play — what you need to know
One phone with skull and crossbones on screen among several other clean-looking phones.
Malicious iPhone apps are spreading screenshot-reading malware on the Apple App Store — how to stay safe
Mobile malware
New malware uses infected VPN apps to take over your device — here's how to stay safe
Latest in Online Security
23andME box
23andMe has declared bankruptcy — here's how to delete your data now
A magnifying glass on top of the Steam logo in a web browser
Valve just pulled a malicious game demo spreading info-stealing malware from Steam
A man filing his taxes electronically on a laptop
AI-powered tax scams are here - how to stay safe from deepfakes, phishing and more this tax season
MacBook Pro 2023
New Mac attack is tricking users into thinking their computer is locked — how to stay safe
Hacker using a stolen social security card
Your Social Security number is a literal gold mine for scammers and identity thieves — here’s how to keep it safe
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Latest in News
iPhone 16 with Apple Intelligence logo for iOS 18.1
iOS 18.4: All the newest Apple Intelligence features coming to your iPhone
Maria Debska in "Just One Look" now streaming on Netflix
3 best Netflix shows in March you haven't watched yet
Split image featuring the Galaxy S25 Edge (left) and Galaxy S25 Ultra (right)
Samsung Galaxy S25 Edge just tipped for two Galaxy S25 Ultra-level features
Wolfenstein: The Old Blood
Amazon is giving away a ton of free games for its Big Spring Sale — here’s how to claim yours
A TV with the Netflix logo sits behind a hand holding a remote
Netflix is rolling out a big video quality upgrade — what you need to know
Choi Hyun-Wook, Hong Kyung, and Park Ji-hoon in "Weak Hero Class 1" now streaming on Netflix
This action-packed K-drama is now streaming on Netflix — and now’s the time to binge-watch before season 2
More about online security
23andME box

23andMe has declared bankruptcy — here's how to delete your data now

A man filing his taxes electronically on a laptop

AI-powered tax scams are here - how to stay safe from deepfakes, phishing and more this tax season
Split screen of a man performing the Military Sleep method and a woman performing the Navy SEAL Sleep technique.

Military Sleep Method vs Navy SEAL sleep technique to fall asleep fast: Which is best?

See more latest
1 Comment Comment from the forums
  • kep55
    It pays to not DL every app that one thinks one needs. Android phones have a calendar app built in.
    Now to get an app that will prevent every app on an android device from starting automatically.
    Reply
Most Popular
Split image featuring the Galaxy S25 Edge (left) and Galaxy S25 Ultra (right)
Samsung Galaxy S25 Edge just tipped for two Galaxy S25 Ultra-level features
iPhone 16 with Apple Intelligence logo for iOS 18.1
iOS 18.4: All the newest Apple Intelligence features coming to your iPhone
Maria Debska in "Just One Look" now streaming on Netflix
3 best Netflix shows in March you haven't watched yet
Wolfenstein: The Old Blood
Amazon is giving away a ton of free games for its Big Spring Sale — here’s how to claim yours
Choi Hyun-Wook, Hong Kyung, and Park Ji-hoon in "Weak Hero Class 1" now streaming on Netflix
This action-packed K-drama is now streaming on Netflix — and now’s the time to binge-watch before season 2
Dark Side of the Ring
How to watch 'Dark Side of the Ring' season 6 online — stream wrestling doc from anywhere
A TV with the Netflix logo sits behind a hand holding a remote
Netflix is rolling out a big video quality upgrade — what you need to know
A nervous woman looking at her phone
Is ChatGPT making us lonely? MIT/OpenAI study reveals possible link
EcoSmart Universal Select lightbulb, Home Depot sign and Traeger Woodridge Pro pellet smoker
I just got a sneak peek of hundreds of new Home Depot products for spring — here’s the 5 I’d buy
OnePlus 13 back, leaning against blue wall
OnePlus 13T could come with an even bigger battery than OnePlus 13 — this is incredible