Android users have been warned to check their phones for a dangerous app that has the ability to steal personal banking data.
People are urged to check their most recent Play Store downloads for the app ‘2FA Authenticator’ which can install vicious malware onto Android devices.
The security team at Pradeo issued the warning after discovering the app that is advertised as helping to keep devices safe by adding extra layers of security.
After being downloaded the 2FA Authenticator app fills devices with a bug named Vultur whose sole aim is to target financial services and steal money from bank accounts.
When Google was alerted to the scam last week the app was banned almost instantly from its Play Store.
However, anyone who has already installed the app is still at risk and are warned to delete the dangerous software immediately.
Speaking about the threat, Pradeo said: "Pradeo’s researchers discovered a malicious mobile application called 2FA Authenticator distributed on Google Play and installed by 10K+ users.
“We identified the application as a trojan-dropper as it is leveraged by cybercriminals to secretly install malware on users’ mobile devices.
“Our analysis revealed that the dropper automatically installs a malware called Vultur which targets financial services to steal users’ banking information. Users of this app are advised to delete it immediately."
This latest threat comes after another nasty bug called BRATA was found to be infecting phones and it not only steals money but also wipes the entire device to avoid being traced.
According to the team Cleafy, BRATA was first discovered by security researchers at Kaspersky back in 2019 with it targeting smartphone owners in Brazil.
The other malware, BRATA, is spreading across the Atlantic with users in the UK, Poland and Italy all thought to be the next targets in BRATA'S sights.
Speaking about the new attack, Cleafy said: "A new BRATA variant started circulating last December. Our research shows that it has been distributed through a downloader to avoid being detected by antivirus solutions.
"The target list now contains further banks and financial institutions in the UK (new), Poland (new), Italy, and LATAM.
"According to our findings, we can expect BRATA to keep staying undetected and to keep developing new features."