Google Play Store security firm Pradeo identified an app intended to make Android users feel more secure online. Hackers had been using the app to download malware onto users’ mobile devices via a technique known as “trojandropping.” Over 10,000 people have downloaded the 2FA Authenticator app.
As a result of this app, your bank account information is stolen and you lose all of your money.
The sarcasm is obvious. In order to verify your identity, two-factor authentication (commonly known as 2FA) is utilized. Let’s imagine your bank needs to verify that you are the individual attempting to contact them regarding your financial matters. As a result, they send a text message to your phone including a code number. As far as the bank is concerned, you’ve shown your identification by entering the right code number from the text. The 2FA Authenticator software, on the other hand, was used to install the deadly Vultur malware on your mobile device.
Vultur is meant to target financial services apps so that it can steal users’ banking information and steal their money. If you have this software installed on your phone or tablet, Pradeo recommends that you remove it right away. After Pradeo alerted the Google Play team to this discovery, it was withdrawn from the store on January 27th, 15 days later.
That the 2FA Authenticator app requests access to your camera, screen lock, and the entire network, as well as running at launch, drawing attention to other open apps and preventing your device from going to sleep, is bad enough. Additionally, the app had access to a variety of other features that were hidden from the user, such as disabling their keyboard, accessing the internet and foreground services, querying all installed apps for data, and even using their fingerprint for biometric authentication without their knowledge.
For example, if the software can access and use biometrics, such as a victim’s fingerprint, it might be able to gain access to the user’s bank account or other financial institutions, allowing it to rob him blind.
When the program is closed, the malware can still carry out its malicious actions. Allowing third-party software to be installed as an update is a permission granted by malware. Google advises that “very few apps should use this permission; these windows are meant for system-level interaction with the user.” Another one removes the keylock and any associated password security, while a third allows permission for SYSTEM ALERT WINDOW.
The fact that we’re not your mother doesn’t mean we don’t care about your safety. PhoneArena readers know that we frequently urge you to check out the comments section in the Play Store before installing an Android app from a developer you don’t know. And, yes, there is one for 2FA Authenticator as you might expect.
Just over a week ago, someone posted, “DO NOT DOWNLOAD THIS APP!!!” to the comment section. My phone kept trying to open the app and installing some BS update as soon as I opened it. When I closed it, it tried to open again and I had to reset my phone to get the app to disappear. Do not save it on your computer.” In the wake of that scathing critique, what type of phone owner would download this app?
You can still use the app even though it is no longer available on the Google Play Store.
Every keystroke you make will be recorded by the Vultur malware that 2FA Authenticator “drops” into your phone. This includes invisible keystrokes like passwords. This is extremely dangerous, and we don’t need to tell you that. Package name: “com.privacy.account.safetyapp.” As long as you haven’t deleted it from your phone’s memory, the app will still be available to you.
Go to Check Settings > Apps and seek for 2FA Authenticator or similar questionable software to remove it from your cellphone. Because fraudulent apps occasionally set up shop in the top right corner of the screen, select “Show system” from the three dots in the top right corner of the screen.
Remove 2FA Authenticator if it appears on the list.