Seemingly safe but dangerous, this Android third-party double verification app will steal your money

For most users, it is basic knowledge to open a double verification mechanism for their accounts. In addition to the double verification mechanism provided by Apple or Google, some users also choose to download third-party double verification applications to help make their personal information more secure.

2FA Authenticator - Delete this Android App Before it Cleans out Your Bank  Account | TechnoidHost

But things may not be as good as you think.

Pradeo, a foreign information security company, found a malicious application called “2FA Authenticator” in the Google Play app store (the application was removed from the Google Play platform on January 27), which has been downloaded more than 10,000 times on the Google Play app store.

Pradeo researchers found that the malicious app contains a Trojan horse that hackers used to install malware on users’ mobile devices to steal their bank account information, and recommended that users who have downloaded the app should remove it as soon as possible.

Warning! Please uninstall this android app now before you empty your bank  account

According to Pradeo researchers, this is a “well-hidden” malicious application because it nominally makes the user’s mobile device look more secure, but in reality it puts your bank account information at risk.

MWC 2019: Pradeo and Samsung Rethink Mobile Security With Their Joint  Solution

For example, the app requires users to allow the app to open camera permissions on the device, disable your device’s screen lock, have full internet access, and override other apps to prevent your device from going to sleep.

To make matters worse, the app also steals other permissions from your device, including the ability to disable the keyboard, access to the web and foreground services, access to device biometrics (such as fingerprints), and more. Allowing the app to use the biometric features of your device is the most serious, as this is the easiest way for hackers to break into your bank account app.

Did You Install This Malicious Android 2FA Authenticator App? | PCMag

If you want to make sure you are free of the 2FA Authenticator, the fastest way is to open your phone’s Settings and go directly to If you do find the app on your phone, then click “Uninstall” on the page.