(Image credit: Getty Images/Nuthawut Somsuk)

The Google Play Store has been a breeding ground for malicious Android apps masquerading as innocuous platforms — and it’s getting out of hand. In case you missed it, Zscaler ThreatLabz published a report last Thursday revealing that, within the last three months, it discovered over 50 apps (attracting 500k+ downloads) that had ill intentions. 

In one of its most recent discoveries, the security researchers spotted a trojan dubbed Xenomorph hiding inside a harmless-looking lifestyle app. And it’s not any ol’ trojan; it’s a banking trojan. It’s designed to steal your sensitive information from banking apps. 

Beware of the Xenomorph

“Todo: Day Manager” is the name of the cyber threat. Not only can it steal credentials from banking applications on your device, but it can also intercept your text messages and notifications. This means it can snatch your one-time passwords and slip through any multifactor authentication barriers.

ToDo: Day Manager

ToDo: Day Manager (Image credit: Zscaler)

Upon installing the app, ToDo: Day Manager asks users to enable certain permissions. Once the unwitting victim acquiesces to its requests, the app makes itself your device’s admin — and blocks you from reversing this change. This ensures that you can’t install it from your phone.

Next, it superimposes an overlay (e.g. a fake login screen) on top of legit banking apps installed on your device, tricking you to enter your credentials. As a result, you may inadvertently hand over your banking information to cybercriminals. 

Interestingly, the researchers noticed that the modus operandi of the Xenomorph trojan is similar to another malicious malware family they discovered three months ago: the Coper banking trojan.

“This trojan was similarly embedded in apps on the Google Play Store and sourced its malware payload from the Github repo,” the report said.

Fortunately, Google removed the malicious threats from the Play Store, but this won’t be the last banking trojan that will wiggle its way into the Android app store. With so much malware sneaking past Google Play’s defenses, the search engine giant needs to deploy better hawk-eyed methods to keep cybercriminals at bay.

Kimberly Gedeon, holding a Master’s degree in International Journalism, launched her career as a journalist for MadameNoire’s business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she’s finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!

The post This app was caught stealing info from victims’ bank apps — do you have it on your phone? first appeared on

New reasons to get excited everyday.

Get the latest tech news delivered right in your mailbox

5 Reasons Why You Should Try Online Horse Race Betting

In many places around the world, horse races are an attraction that a lot of people love to watch. With the fast-paced action and thrill that each game provides, it is no longer surprising to know that millions of fans have grown fond of it.

NordLayer — more than a business VPN

Cybersecurity threats have become vast and more sophisticated. The rate of malware attacks and malicious activity counts within seconds despite the size or sector the organization belongs to — no one is safe enough to expect that foe actors will bypass vital company resources.

You may also like

Notify of
Inline Feedbacks
View all comments

More in Tech News