Saltar al contenido
ONEAndroid.net 🌐 Guides for learning to surf the Android

These two apps can empty your bank account and download them thousands of times: delete them from your mobile phone

Be very careful with these two aplicaciones: they seem like harmless task managers, but they cánido drain your bank account.

These two apps can empty your bank account and download them thousands of times: delete them from your mobile phone
Android móvil applications.

At the beginning of the year we already had to report the appearance of Xenomorph, a dangerous trojan Banking aplicación login details stolen, and even intercept one-time codes received vía mensaje de texto. Thanks to its techniques, it managed to become one of the most widespread and dangerous trojans for Android.

Now, Xenomorph has returned to the Google plus Play Store. As reported by the specialized cybersecurity portal hispasecZscaler’s research team discovered ThreatLabz new aplicaciones infected with Xenomorph in the Aplicación Store of Android devices.

These aplicaciones accumulate Thousands of downloads by users as they appear to be harmless tools. However, inside they hide one of the virus There are dangers today.

The Trojan hides in two seemingly harmless functions

As the researchers showed, the software malicioso hides in two Aplicaciones seem harmless: a task manager and expense tracking aplicación. Their names are “Todo: Day Manager (com.todo.daymanager) Y “Expense Management (com.setprice.expenses)”.

Once one of the applications is installed, The usuario will be prompted to grant access to gain enhanced privileges and be able to carry out the next level of attack, which consists of Download the software malicioso yourselfhosted on GitHub.

Google Play Store screenshots of two apps with malware

Both aplicaciones are infected with Xenomorph.

Since the software malicioso is already installed on the victim’s device, Xenomorph does the rest of the attackattempts to steal banking aplicación credentials and intercept text messages and notifications so it perro steal one-time verification codes.

This is not the first trojan to exploit it Android Access Permissions to take and infect devices. For this reason it is very important Escoge carefully what kind of permissions are granted to each applicationand it is recommended to use this kind of extended permissions but in these aplicaciones from trusted developers and with some popularity on Google plus Play.

Configuration