Beware! Delete These Android Apps Because They May Be Stealing Your Bank Credentials

Most of these apps have been downloaded over 300,000 times!

Share on twitter
Share on facebook
Share on whatsapp

Researchers have recently discovered popular Android apps on Google Play contain malicious trojans that might’ve got your bank details and credentials. Ars Technica reported that these apps got 2FA codes and credentials and also logged keystrokes and took screenshots.

The scariest part is that the apps were disguised as regular apps that most people frequently use, like PDF scanners, QR scanners, and even Crypto Wallets.

Here’s the list of apps that you should delete right now:

  • Two Factor Authenticator (com.flowdivision)
  • Protection Guard (
  • QR CreatorScanner (com.ready.qrscanner.mix)
  • Master Scanner Live (com.multiffuctuon.combine.qr)
  • QR Scanner 2021 (com.qr.code.generate)
  • QR Scanner (com.qr.barqr.scangen)
  • PDF Document Scanner – Scan to PDF (com.xaviermuches.docsscannerpro2)
  • PDF Document Scanner (
  • PDF Document Scanner Free (
  • CryptoTracker (
  • Gym and Fitness Trainer (com.gym.trainer.jeux)
  • Gym and Firness Trainer (com.gym.trainer.jeux)

The researchers said in a post, “What makes these Google Play distribution campaigns very difficult to detect from automation (sandbox) and machine learning perspective is that dropper apps all have a tiny malicious footprint. This small footprint is a (direct) consequence of the permission restrictions enforced by Google Play.”

Abubakar Mohammed

Abubakar Mohammed

Abubakar is a passionate tech writer whose love for tech started in 2011 when he got a Dell Inspiron 5100. When he's not covering Linux and open-source, you'll find him binge-watching anime or Tech content on YouTube.

Find your dream job

Work at your dream company with Fossbytes Jobs