‘Fast Cleaner’ Mobile App May Expose Your Banking Information – NCC Warns

WILL 2 APP ADVERTISEMENTS

Feb. 27 (THEWILL) — Fast Cleaner, an app found on the Google Play Store has been identified as newly hatched malware that steals users’ banking app login credentials on Android devices.

Based on app description on playstore, it helps devices to clean junk files and improve performance.

But this is one channel through which malware, Xenomorph, spreads, according to the Nigerian Communications Commission (NCC).

Xenomorph is malware that was designed to steal credentials, combined with the use of SMS and notification interception to log in and use potential 2-factor authentication tokens.

According to the NCC, there is more than one junk cleaner app named “Fast Cleaner” on Google Playstore.

The malicious Fast Cleaner was removed from the store, according to the NCC’s Computer Security Incident Response Team (CSIRT), but gained more than 50,000 downloads before its release.

The CSIRT said on Saturday that Fast Cleaner is one way the Xenomorph Trojan could spread easily and efficiently.

The team explained that the app found its way to the Google Playstore before Xenomorph was placed on the remote server.

According to the CSIRT, the strategy used to deploy the malware makes it difficult for Google to determine whether the app is being used for malicious purposes.

Once installed, NCC explained that Fast Cleaner for Accessibility Services privileges, which gives it additional permissions to access user data.

When users try to uninstall the app, the CSIRT said that the app is unlikely to uninstall from the targeted device.

Another way to harm victims is to steal their banking credentials by overlaying fake login pages on legitimate ones.

They are launched to perform financial transactions without the knowledge of the victim, and their operators will in turn sell the victim’s data to other interested parties.

“Xenomorph was found to target 56 online banking apps, 28 from Spain, 12 from Italy, 9 from Belgium and 7 from Portugal, as well as cryptocurrency wallets and general-purpose apps like mobile services. The Fast Cleaner app has now been removed from the Play Store, but not before garnering over 50,000 downloads,” the CSIRT said.

Comments are closed.