‘Fast Cleaner app’ is stealing users’ bank details on Android devices, NCC warn Nigerians


The Nigerian Communications Commission (NCC) has warned the public of a malicious app called ”Fast Cleaner” — which steals users’ banking app login credentials on Android devices.

Ikechukwu Adinde, NCC director of public affairs, issued the warning in a statement posted on the commission’s website on Saturday.

Checks by newsmen showed that there are numerous apps named “Fast Cleaner” on Google Playstore.

“Xenomorph is propagated by an application that was slipped into Google Play store and masquerading as a legitimate application called “Fast Cleaner” ostensibly meant to clear junk, increase device speed and optimize battery. In reality, this app is only a means by which the Xenomorph Trojan could be propagated easily and efficiently,” the statement reads.

“To avoid early detection or being denied access to the PlayStore, “Fast Cleaner” was disseminated before the malware was placed on the remote server, making it hard for Google to determine that such an app is being used for malicious actions.

“Once up and running on a victim’s device, Xenomorph can harvest device information and Short Messaging Service (SMS), intercept notifications and new SMS messages, perform overlay attacks, and prevent users from uninstalling it.

The threat also asks for Accessibility Services privileges, which allow it to grant itself further permissions.

“The CSIRT said the malware also steals victims’ banking credentials by overlaying fake login pages on top of legitimate ones.

“Considering that it can also intercept messages and notifications, it allows its operators to bypass SMS-based two-factor authentication and log into the victims’ accounts without alerting them.”

Adinde said according to a security advisory from the NCC CSIRT, the malware has high impact and high vulnerability rate.