The research comes via security firm ThreatFabric, which took a deep dive into the Fast Cleaner app. It had around 50,000 installs before it was taken down by Google. “Based on the intelligence gathered, users of 56 different European banks are among the targets of this new Android malware trojan, distributed on the official Google Play Store, with more than 50.000 installations,” the research team said in a blog post (via Phone Arena). ThreatFabric revealed that the Fast Cleaner app infects the Android device with a trojan designed to steal sensitive information from the user. This could include reading texts or notifications without the user ever knowing about it. The research team calls this new malware “Xenomorph,” adding that it has some similarities with the recent Alien banking trojan.
Researchers said that Xenomorph is a relatively new malware and not as advanced as the Alien trojan
Of course, nobody would willingly download a malicious app on their device. Users who downloaded the app went by its description, which says it is a “battery saver” and a “phone booster” app. If you still have this app on your Android smartphone, be sure to delete it right away. Unfortunately, deleting the malicious app alone may not be sufficient. Users should also check their bank statements for any suspicious activity or contact the bank for any further clarification. Given that there are several apps with similar-sounding names, it is nearly impossible to distinguish between the good and bad. As for the Fast Cleaner app, it was published on the Play Store by a developer known as “ilzeeva4.” ThreatFabric’s report claims Xenomorph was still in its nascent stages when it was found. This suggests that it may not be as advanced as the Alien trojan. As the graph below shows, this app was mainly targeting users across Europe. In terms of future measures, users should always double-check the apps they download. It’s also wise to go through the ratings and reviews on the Play Store or through other sources.