This insidious Android app is stealing banking info — delete it now
The Xenomorph trojan does not come in peace
After the recent discovery that five Android apps were found to record your screen when banking, another has managed to slip through Google’s anti-malware net, and it works in an equally malicious way.
If you have an App installed on your Android phone called “ToDo: Day Manager” then delete it now. According to leading cloud security company Zscaler and reported on by Laptop Mag, it is one of 50+ apps its Techlabz team have found to be ‘Trojan droppers.'
How does the Xenomorph Trojan work?
Despite posing as an innocuous planning app, ToDo: Day Manager installs a particularly nasty trojan known as the Xenomorph. Upon installation, the app, which has over 1,000 downloads asks for extensive permissions in your device and installs itself as an admin, refusing to surrender control.
Those who accept will likely have had their banking details compromised as this is what it has been found to prioritize (although it also can access your SMS and other messages). The Xenomorph will in fact overlay fake login screens onto your banking apps, stealing your login information.
Zscaler have found that the Xenomorph trojan is very similar to the Coper banking trojan that surfaced a few months ago with the Techlabz team finding it also “sourced its malware payload from the Github repo.”
What can I do to protect myself?
Thankfully, Google has now removed the app from the Google Play Store, but this is far from the first breach of its security. As users, we must remain savvy to the red flags of suspicious apps.
A common protective measure is to never allow permissions to an unknown app, especially if it seems irrelevant to the service it offers. Why would a calendar app require access to your camera or messages, for example.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
It can be a pain but using different passwords for each login is a crucial part of cybersecurity and staying safe. We recommend using one of the best password managers and making sure each password is individually strong.
It's also worth downloading one of the best Android antivirus apps if you want an extra layer of protection.
Andy is a freelance writer with a passion for streaming and VPNs. Based in the U.K., he originally cut his teeth at Tom's Guide as a Trainee Writer before moving to cover all things tech and streaming at T3. Outside of work, his passions are movies, football (soccer) and Formula 1. He is also something of an amateur screenwriter having studied creative writing at university.
-
kep55 It pays to not DL every app that one thinks one needs. Android phones have a calendar app built in.Reply
Now to get an app that will prevent every app on an android device from starting automatically.