A new banking trojan known as ToxicPanda began to affect users of Android in Europe and Latin Americainfecting more than 1,500 devices.
This malicious software aims steal banking information and funds from their victims’ accountsand has managed to expand rapidly, affecting countries such as Italy, Portugal, Hong Kong, Spain and Peru.
What is ToxicPanda and how does it affect devices?
ToxicPanda is a simplified variant of TgToxic malwareidentified in 2023. Although it has fewer functionalities, it is still a critical threat, capable of intercepting one-time passwords (OTP) and steal confidential data.
This malware need accessibility permissions on androidwhich is a warning sign. Once installed, the Trojan allows attackers to make money transfersintercept authentication messages and access private information on the device.
This virus has spread rapidly using the modality known as sideloadingwhich consists of downloading and installing applications from sources external to official stores, such as Google Play Store wave Galaxy Store.
How does ToxicPanda spread?
As indicated in different reports, hides in fake applications that imitate Chrome, Visa and 99 Speedmart. These applications They are distributed through third-party websites, social networks and potentially in phishing campaigns.
Fortunately, the malware is not available in official stores such as Google Play Store or the app store Samsungwhich reduces risk for users They download only from verified sources.
It was developed by cybercriminals who have developed fake application pages that pretend to be reliable services, tricking users into downloading them. Once the victim installs the app, malware begins to operate covertly.
How to protect your device from ToxicPanda?
To prevent ToxicPanda infections, it is essential download applications only from official stores and avoid suspicious links on social networks or text messages.
Furthermore, it is recommended review the permissions requested by installed applicationsas accessibility permissions for suspicious apps can be a sign of malware.
ToxicPanda’s attack is a reminder of the importance of taking precautions when downloading applications and having appropriate security measures on our devices.
Source: Ambito
I am an author and journalist who has worked in the entertainment industry for over a decade. I currently work as a news editor at a major news website, and my focus is on covering the latest trends in entertainment. I also write occasional pieces for other outlets, and have authored two books about the entertainment industry.
