This insidious Android app is stealing banking info — delete it now

News
By Andy Sansom
published

The Xenomorph trojan does not come in peace

banking trojan on phone illustration
(Image credit: Shutterstock)

After the recent discovery that five Android apps were found to record your screen when banking, another has managed to slip through Google’s anti-malware net, and it works in an equally malicious way.

If you have an App installed on your Android phone called “ToDo: Day Manager” then delete it now. According to leading cloud security company Zscaler and reported on by Laptop Mag, it is one of 50+ apps its Techlabz team have found to be ‘Trojan droppers.'

 How does the Xenomorph Trojan work? 

Despite posing as an innocuous planning app, ToDo: Day Manager installs a particularly nasty trojan known as the Xenomorph. Upon installation, the app, which has over 1,000 downloads asks for extensive permissions in your device and installs itself as an admin, refusing to surrender control. 

Those who accept will likely have had their banking details compromised as this is what it has been found to prioritize (although it also can access your SMS and other messages). The Xenomorph will in fact overlay fake login screens onto your banking apps, stealing your login information.  

Zscaler have found that the Xenomorph trojan is very similar to the Coper banking trojan that surfaced a few months ago with the Techlabz team finding it also “sourced its malware payload from the Github repo.” 

 What can I do to protect myself? 

Thankfully, Google has now removed the app from the Google Play Store, but this is far from the first breach of its security. As users, we must remain savvy to the red flags of suspicious apps. 

A common protective measure is to never allow permissions to an unknown app, especially if it seems irrelevant to the service it offers. Why would a calendar app require access to your camera or messages, for example. 

It can be a pain but using different passwords for each login is a crucial part of cybersecurity and staying safe. We recommend using one of the best password managers and making sure each password is individually strong

It's also worth downloading one of the best Android antivirus apps if you want an extra layer of protection. 

Andy Sansom
Andy Sansom
Trainee Writer

Andy is Tom’s Guide’s Trainee Writer, which means that he currently writes about pretty much everything we cover. He has previously worked in copywriting and content writing both freelance and for a leading business magazine. His interests include gaming, music and sports- particularly Formula One, football and badminton. Andy’s degree is in Creative Writing and he enjoys writing his own screenplays and submitting them to competitions in an attempt to justify three years of studying.  

1 Comment Comment from the forums
  • kep55
    It pays to not DL every app that one thinks one needs. Android phones have a calendar app built in.
    Now to get an app that will prevent every app on an android device from starting automatically.
    Reply