Android phone users urged to remove dangerous app that can access personal banking details

Android smartphone users have been warned to check their phones for an app capable of stealing personal banking information.

Users are advised to check their recent downloads on the Play Store to see if the “2FA Authenticator” app is installed on their phone.

The app is falsely advertised as helping protect devices by adding extra security, but it can actually download vicious malware.

Once installed on the phone, 2FA Authenticator fills it with a bug named Vultur which steals money from a bank account.

Google became aware of the scam last week and immediately banned the app from the Play Store.

But anyone who has already downloaded the app is still at risk and should remove it from their device immediately.

Speaking about the app, software company Pradeo said: “Pradeo researchers discovered a malicious mobile app called 2FA Authenticator distributed on Google Play and installed by over 10,000 users.

“We have identified the app as a trojan-dropper because it is exploited by cybercriminals to secretly install malware on users’ mobile devices.

“Our analysis revealed that the dropper automatically installs malware called Vultur which targets financial services to steal users’ banking information. Users of this app are advised to remove it immediately.”

The scam is the latest in a series of phishing emails, phone calls and text messages to hit Ireland.

If you have downloaded this app, make sure to remove it immediately.

Also, if you think your bank account has been hacked, report it to the Gardaí.

A spokesperson told RSVP Live: “An Garda Síochána encourages people who have reason to suspect they are victims of cybercrime to report to their local Garda station.”

They’ve also provided information on what to do if you’re worried you’ve fallen or have been scammed recently:

• Do not communicate with the caller
• Don’t press 1 etc…
• Do not click on any links in emails or text messages
• Don’t send them money
• Do not download remote access apps/software
• Do not withdraw money and deposit it in cryptocurrency ATMs
• If someone calls your home, don’t let them in without seeing Identification – if in doubt, call the local station or 999
• Screenshot of email, text or other communications

Get the latest RSVP headlines free straight to your inbox by subscribe to our newsletter