Skip to main content

Security firm says to delete this Android app immediately before it cleans out your bank account

 

Mobile security firm Pradeo has discovered an app in the Google Play Store that was supposed to be used to help Android users feel safer online. Instead, the app turned out to be a "trojandropper" used by hackers to disseminate malware on consumers' mobile devices. The app, called 2FA Authenticator, was installed by over 10,000 users.

This app drops malware into your device that steals your banking information and grabs your money


The irony is clear. 2FA, also known as two-factor authentication, is used to validate your identity. Let's say your bank wants to make sure that the person trying to speak to them about your account is you. So they send a text with a code number to your phone. Once you punch in the correct code number from the text, you have verified your identity as far as the bank sees it. However, the 2FA Authenticator app was used to install dangerous malware called Vultur on your handset.

Vultur is designed to target financial services apps so that it can steal users' banking information and take their money. Pradeo suggests that if you have this app on your phone or tablet, delete it immediately. The Google Play team has been told about this discovery by Pradeo and 15 days later it was removed from the Google Play Store on January 27th

It is bad enough that the 2FA Authenticator app asks for permission to take pictures and videos using the camera on your device, disable your screen lock, have full network access, run at startup, draw over other apps, and prevent your device from sleeping. Unbeknown to the device owner, the app secretly was granted other permissions including the ability to disable the keyboard, permission to access the internet and foreground services, permission to query all packages, permission to use biometrics, and use the victim's fingerprint.

The latter two, which were the ability to use biometrics and the victim's fingerprint, might reveal how the app is able to break into a user's financial apps and accounts and steal the information that allows it to access the user's bank, other financial institutions, and rob him blind.

Other dangerous permissions allow the malware to perform activities even when the app is shut off. One of the permissions the malware grants allows third-party apps to be installed under the guise of being an update. Another one disables the keylock and any associated password security, and yet another gives permission for SYSTEM_ALERT_WINDOW of which Google says, "Very few apps should use this permission; these windows are intended for system-level interaction with the user."

We're not your mom, but we do want to help you avoid getting ripped off by malicious apps. If you're a loyal PhoneArena reader, you know that we constantly remind you that if you're not familiar with the developer of an Android app that you're about to install, look at the comments section in the Play Store for red flags. And sure enough, there is one for 2FA Authenticator.

Written less than a week ago, the comment says "DO NOT DOWNLOAD THIS APP!!!" I Just downloaded it and it tried to force me to install some BS update off the internet as soon as I opened the app and when I closed the app it forced itself open again, and again, and again so I had to restart my phone to delete the app. Don't download it." What kind of phone owner would install an app after reading that comment about it?

Even though the app is no longer in the Play Store, it can still be on your phone


The Vultur malware that 2FA Authenticator "drops" into your phone will record every keystroke you make including invisible keystrokes such as passwords. We don't have to tell you how dangerous this is. The unique package name is "com.privacy.account.safetyapp." Just because the app has been removed from the Play Store doesn't mean that it has been removed from your phone.

To get rid of 2FA Authenticator (which you need to do immediately if you have it on your device) is to go to Check Settings > Apps and look for 2FA Authenticator or another suspicious app. Tap the three dots in the top right corner of the screen and select "Show system" because malicious apps sometimes park there.



Comments

Popular posts from this blog

Genshin Impact: Best Nahida Build Guide

The best build for Nahida in Genshin Impact is quite complicated as players need to balance her stat out. So far, Archons in  Genshin Impact  have not been disappointing. Venti is still a top-tier crowd controller, Zhongli is the  best shielder in  Genshin Impact , and Raiden Shogun is a tremendously powerful Sub-DPS and battery. Sadly, while many expect Nahida to take a whole new role, she, like Raiden, is also a Sub-DPS. For the Dendro Archon to become a powerful Sub-DPS, players must be familiar with Nahida’s best build in  Genshin Impact . The best build for Nahida in  Genshin Impact highly relies on her team composition  and how good players’ artifacts are. To put it simply,  Nahida has an obvious diminishing return, so Travelers must consider all sorts of stat buffs from Nahida’s team before determining her best build . This is because Nahida’s fourth-ascension passive (A4) allows her to buff her Skill DMG based on her Elemental Mastery (EM)...

NASCAR Heat 5 2022 Season Update available as of 22nd June

  An update to NASCAR Heat 5 that includes the 2022 NASCAR Cup Series season and the NASCAR NEXT Gen car released in DLC form on 22nd June for $9.99. The long-awaited 2022 Season Update to NASCAR Heat 5 has finally released as of Thursday (22nd June). Links to the DLC were made public on Steam and the PlayStation Store earlier in the week and the content unlocked around 10:00 pm BST / 5:00 pm EST on PlayStation, Xbox and PC via Steam. Originally planned to release in October of 2022, the update to the title from 2020 was delayed for quite some time. The predecessor to NASCAR 21: Ignition has been the base for the last two releases from Motorsport Games, in the NASCAR Heat Ultimate+ and NASCAR Rivals releases on the Nintendo Switch the last two years. Here’s what is included for the price point of $9.99. This DLC will be playable in Race Now, Career and Online Multiplayer modes. What this DLC will include is, first and foremost, the 2022 NASCAR Cup Series in terms of the cars. That’...

Pokémon Dev Job Listing References R&D For Next-Generation Hardware

It seems the Pokémon developer Creatures could already looking toward the future of the long-running series. A new job listing at the Japanese company for a 3DCG modeler references "research and development for other next-generation hardware". The same application also mentions the use of Unity and Unreal Engine for project development. Creatures Inc. is one of the major Pokémon developers alongside Game Freak and Nintendo. It previously helped out with Pokémon Sword and Shield and Pokémon: Let’s Go, Pikachu! and Let's Go, Eevee! on 3DCG modelling. It also worked on Detective Pikachu and is currently developing a sequel. In September, a senior programmer job profile at Creatures referenced work on "one unannounced project" and  Detective Pikachu 2  which is apparently "nearing release".

Warzone 2.0 Is Ditching 2v2 Gulags For Boring 1v1 Showdowns

  First came the much-requested changes to   loadout drops , now   Warzone 2.0   is messing with the gulag. With season two’s arrival on February 15, the gulag will no longer make players team up in pairs of two after suffering defeat on the battle royale map. Instead, as in the original   Warzone , it will now focus on 1v1 skirmishes. Unlike in other battle royales,  Call of Duty ’s  Warzone  allows players a chance to jump back into the action after dying. If you’re killed by another player early enough in the game, you’ll get sent to the gulag (there had to have been a better name for that). Here, you’ll square off in a quick deathmatch mode to earn your place back on the main map.  Warzone   2.0 ’s gulag has two teams of two face off, with both members of the winning team rejoining the game. Around halfway through the gulag match, a high-damage-output, bullet-spongey NPC called “the Jailer” will emerge. If the Jailer is defeated, bot...

Gran Turismo 7’s Next Update is Coming This Week, With Four New Cars

​ Gran Turismo series founder Kazunori Yamauchi has taken to Twitter to announce and tease the next update to  Gran Turismo 7 , which will arrive on consoles this coming week. It’s coming a little sooner than anticipated, landing around three weeks after the previous content update on September 29. That’s the shortest interval between content updates yet, with most coming four or five weeks apart — and, with the exception of 1.15 and 1.17, on the last Thursday of each month. Another unusual facet is that the update, which we’re temporarily dubbing 1.25, will bring four new cars instead of the three we’ve seen teased for every update thus far: This set of cars looks relatively easy to identify, although with some qualifiers. Probably the most straightforward is the one in the bottom-left, which looks to be a 1973 Nissan Skyline GT-R. Often dubbed “Kenmeri”, due to a promotional campaign featuring a couple named Ken and Mary, Nissan only produced 19...