The urgent warning was issued by Pradeo’s security team, who found a popular app called “2FA Authenticator” capable of installing malware on Android devices after downloading it. What makes this threat worse is that these types of apps are already advertised to help keep devices safe by adding extra layers of security.
2FA Authenticator is doing just the opposite with devices flawed called Vultur whose sole purpose is to target financial services and steal money from bank accounts.
The threat is so serious that once Google alerted the issue last week, it blocked the app almost immediately from the Play Store.
And that’s good news but the threat isn’t over yet: anyone who has already installed this software is still at risk, so it’s essential to delete it immediately.
Speaking about the threat, Pradeo said: “Researchers discovered a malicious mobile app called 2FA Authenticator, which was distributed to Google Play and installed more than 10,000 times. It is used by cybercriminals to secretly install malware on mobile devices.”
The latest threat comes after the discovery of another bug called BRATA, which infects phones and not only steals money, but scans the entire device to avoid being tracked.