Experts are recommending to delete the Todo Day Manager app, where scammers can gain access to private messages, information through two-step verification codes.
The malware can seize
your banking information and even gain access to your private SMS messages by intercepting your two-step verification codes to raid your logins. Cyber experts at Zscaler ThreatLabz are warning all Android users to check their phones ASAP to ensure they don't have a popular task management app installed, urging everyone who does have it to delete it immediately.
The experts found that the malware is dropped in as a fake Google Service application from the internet hosting service GitHub as soon as Todo is installed. It sneakily starts by asking users to enable access permission. Once that permission is granted, it will add itself as a device admin and won't allow users to disable it.If you have the app installed but did not grant access permission to the malware, then you should be able to delete the app without any issues.
Check the ratings of any app before you download it and make sure to read the comments. If it’s flooded with negative reviews, it’s probably not worth downloading