Read Time:1 Minute, 29 Second

A warning has been released due to a malicious android app trying to infiltrate users’ bank log-ins.

Cyber experts have warned Android users to avoid installing a to-do app named Day Manage. They said you should recheck your phone and ensure the app is not there. Research has been conducted by Zscaler ThreatLabz, which eventually found out what kind of malware the hackers used.

“Our analysis found that the Xenomorph banking malware was dropped from GitHub as a fake Google Service application upon installation of the app,” said the researchers.

It was a Trojan horse malware called Xenomorph. For this context, trojan malware disguises itself as legitimate software, luring users to install or download them into their devices. Once inside the network, the hackers will conduct an action to extract, export, delete, and modify some or all contents of the device.

“Xenomorph creates an overlay onto legit banking applications to trick users into entering their credentials.”

For Day Manage, it can read the user’s SMS messages and baking apps and intercept your two-factor verification codes. 

“This is the latest in a disturbing string of hidden malware in the Google Play Store,” the Zscaler cyber experts warned.

The process starts with asking users to grant access. After the access has been granted, it sets itself as an admin of the device and entirely takes control. 

“Once provided, it adds itself as a device admin and prevents users from disabling Device Admin, making it uninstallable from the phone.”

The application can be securely uninstalled if a user has yet to grant permission.

The alternative is to back up your files and factory reset your phone to eradicate the app. The researchers also request that users watch the software installed on their mobile phones.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Previous post Meadows Medical Centre in Mullum Has Been Hacked
dropbox Next post Chinese Hackers Utilise Google Drive and Dropbox to Infiltrate Government Systems