Be careful, this app supposed to boost your battery hides a terrible Trojan horse!

Computer security researchers at ThreatFabric have discovered that a supposedly battery-boosting app actually harbors a terrible banking Trojan. Problem, this app has been downloaded more than 50,000 times on the Google Play Store.

Although Google does everything possible to protect users and offer verified and harmless applications on the Google Play Store, it regularly happens that some of them fall through the cracks. We remember, for example, the Brata malware spotted in January 2022. This malware is capable of deleting data from your smartphone and emptying your bank account. Or even this fake Flash Player app that hid a formidable malware.

We owe the discovery of the day to computer security researchers at ThreatFabric. In effect, they brought to light a new threat on the Google Play Store: the Fast Cleaner application. Supposed to boost the battery and clean your phone, this utility actually houses a banking trojan capable of stealing your credentials and intercepting double authentication SMS discreetly.

A new malware similar to “Alien”

This malware, never discovered until now, was dubbed “Xenomorph” by ThreatFabric experts. Why this reference? Because the malware shares several similarities with the “Alien” malware, a banking trojan that has been regularly talked about. The good news in all of this is that “Xenomorph” was discovered at an early stage of development. In other words, some of his malevolent abilities were not yet operational at the time of its discovery by researchers.

Of course, the bad news is that the operators behind “Xenomorph” can very well activate these abilities remotely at any time. A problem when we know that Fast Cleaner has been downloaded more than 50,000 times on the Google Play Store. If you have installed this app on your smartphone, it is obviously more than recommended to delete it as soon as possible.

Note also that “Xenomorph” mainly attacks European bank apps (56 in total), according to the findings of ThreatFabric. Besides deleting the app, the researchers also advise contacting your banking institution to ensure thatno operation has been carried out without your authorization.

Source: PhoneArena