Owners of Android phones who have installed Optimization Android app on their devices in order to optimize battery performance are at risk of sensitive data theft.

The app contains a mechanism that bypasses two-factor authentication – due to this victims are exposed to theft of login data for applications such as WhatsApp, Gmail or Skype, as well as PayPal account details or credit card information.

According to Cyberdefence24 if victims activates the “statistics” built into the app he will be forwarded to the PayPal site that requires verification. After filling in the required data user receives an authorization code which might end up costing him a loss of as much as EUR 1,000.

The application also launches a special screen overlay, so that it is able to steal login information for Gmail. Thanks to this, hackers are able to bypass notifications about PayPal transactions before they are read by the victim.

This malicious application has been detected by one of ESET’s employees. If you have it installed on your device you should remove it after booting your Android device in safe mode. In addition to this immediately change your password for instant messaging apps, mail clients and banking services. It is also worth checking the PayPal account status along with its transaction history.