All Android users are warned to delete the app immediately – it steals your banking login

ANDROID phone owners are warned about a dangerous app that steals your banking information.

You must immediately check your phone to make sure it’s not installed, cyber experts say.

Todo Day Manager app has been flagged as dangerous by cyber experts


Todo Day Manager app has been flagged as dangerous by cyber expertsImage credit: Google/Zscaler

The app is called Todo: Day Manager and has been criticized by security specialists.

According to researchers at , it installs a banking Trojan malware called Xenomorph Zscaler ThreatLabz.

This can hijack your banking app credentials and even read your SMS messages.

This allows the app to intercept your two-factor verification codes (usually sent via text message) to hijack your logins — and your bank account.

Mom shares hacks to get her laundry dry now it's cold and people can't get enough
I tried painting my car after watching a youtube video and it looks awful

“This is the latest in a worrying series of hidden malware in the Google Play Store,” cyber experts warn.

Worse, the Android app intentionally makes itself difficult to delete.

You must immediately scan your phone for it and uninstall it, cyber experts say.

“Our analysis revealed that when the app is installed, the Xenomorph banking malware is deleted from GitHub as a fake Google service application,” Zscaler cyber experts said.

“It starts by prompting users to enable access permission.

“Once deployed, it adds itself as a device admin and prevents users from disabling the device admin, making it uninstallable from the phone.”

If you haven’t given the app permissions, you should be able to uninstall it safely.

Otherwise, you may need to back up your files and then factory reset your phone to completely delete the app.

Advice to stay safe

We spoke to cyber expert Chris Hauk, who shared some tips on avoiding shady Android apps.

Here’s what Chris, who works as a Consumer Privacy Advocate at Pixel Privacy, shared The sun

“When you search for an app on the Google Play Store, pay close attention to the search results,” explains Chris.

“Look at app icons: Fake apps almost always use the icon of the app they are spoofing. Be suspicious of apps that use the same icons. Examine them closely to find out which is the real app.

“Look at the developer’s name. For example, we know that WhatsApp Messenger app is offered by WhatsApp LLC. The rogue app might display the developer’s name as ‘Big Bill Johnson LLC’, indicating that something is wrong.

“Look at the app’s download count. If you look at the WhatsApp app, it should have billions of downloads. If the app only has a few hundred or thousands of downloads, that’s a good indication that the app is a rogue app.

Millions of Android owners have warned that anyone can bypass your lock screen
How to hide your online status on WhatsApp for iPhone and Android

“Look at the description and screenshots of the app. The description may contain multiple spelling or grammatical errors or otherwise broken English.”

Chris added: “Also use Google Play Protect. Google Play Protect analyzes potentially fake and malicious apps before you download them, and also regularly scans your apps for malware and warns you when you uninstall rogue apps.”

The best tips and hacks for phones and gadgets


Looking for tips and hacks for your phone? Want to find these secret features in social media apps? We’ve got you covered…

Get the latest news about WhatsApp, Instagram, Facebook and other tech gadgets here.

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at All Android users are warned to delete the app immediately – it steals your banking login

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button