Theo The Sun, an Android application called Todo: Day Manager was discovered by researchers at Zscaler ThreatLabz to contain a banking trojan called Xenomorph. This malware can hijack user credentials from banking apps and can even read SMS messages on the device. This allows the app to intercept a two-factor verification code (usually sent via text message) to gain access to the victim’s bank account.
Todo: Day Manager is a dangerous software that needs to be removed urgently from Android devices
Cyber experts warn this is the latest troubling hidden malware to appear in the Google Play Store. Worse still, it is supposed to be quite difficult to remove this app from Android devices. This is because once installed the app will add itself as a device admin app and prevent the user from disabling the Device Admin permission, making it very difficult to uninstall from the phone.
In case the application has not been granted permission, the user can uninstall it from the device. If not, experts say users need to back up the files on the system before performing a factory reset of the phone to remove the app completely.
To prevent dangerous Android apps, a network expert named Chris Hauk says users should pay attention to search results when searching for an app in the Google Play Store. Look at app icons as rogue apps always seem to use the icon from the app they’re impersonating, so if you see multiple apps using the same icon, immediately set question and investigate them closely to find out which are genuine apps. Then look at the developer name, because if the developer name is unrelated to the name of an app, something might be wrong.
Additionally, users need to look at the app’s download count and its description and screenshots. Dangerous apps often have descriptions that contain lots of spelling or grammar errors. At the same time, Android users also need to use Google Play Protect – a tool that helps analyze potentially fake and harmful apps before users download them. Google’s tool also regularly scans apps for malware and will warn users to uninstall rogue apps.