Beware of this dangerous application, it can steal sensitive data

Another malicious application has infiltrated the Google Play store to steal sensitive data from users’ banking applications. The security company Pradeo pointed out her presence in the store.

Thousands of users have been compromised by sensitive data

The 2FA Authenticator application was freely available for download for 15 days and was installed by more than 10,000 users. It looked like a useful tool to help you simplify two-factor authentication across multiple services. In reality, however, the attackers only took the code from the real open-source application Aegis Authenticator and added malware to it.

After installation, the malicious application requested several “critical permissions” from the victims, which allowed it, for example, to disable password security, download applications and their updates from third-party sources, or continue running in the background even after closing.

Subsequently, she checked the user and, if he met the conditions set by the attackers, secretly downloaded and installed malware called Vultur. It can record the device’s screen and record keystrokes as you type, making it easy to retrieve any victim data. In this case, the perpetrators focused on the information entered when logging in to the banking applications.

Uninstall the malicious application from the device immediately

If you managed to install the mentioned application, immediately remove it from the device and change the login details to your internet banking. We also recommend checking with your bank for an unauthorized login to your account or the theft of money.