ToxicPanda is a new threat to Android phones and your bank accounts, here’s how you can stay safe
A new malware named ToxicPanda is posing a major threat to Android users by targeting their bank accounts. Disguised as trusted apps, this Trojan is spreading globally, making it imperative for users to exercise caution while surfing online.
A new malware is currently spreading globally, putting Android users and their bank accounts at risk. This sophisticated Trojan malware, named ToxicPanda, has reportedly spread across different countries by disguising itself as popular apps like Google Chrome and banking apps. According to the threat intelligence team at cybersecurity firm Cleafy, more than 1,500 devices across Europe and Latin America have already been compromised by ToxicPanda.
According to researchers, ToxicPanda is a financial-focused Trojan derived from an older malware family called TgToxic. This new version is highly specialized, designed to bypass even standard banking security measures and enable unauthorized withdrawals directly from users’ accounts.
The primary goal of cybercriminals using this Trojan is to commit financial fraud by exploiting Android’s accessibility features and intercepting one-time passwords to gain permission to manipulate high-level device functions. What makes this particularly serious is that the malware’s capabilities allow attackers remote access, making it possible to take control of infected devices from anywhere in the world.
Researchers say what makes ToxicPanda more dangerous is that it disguises itself as trusted applications like Google Chrome or popular banking apps, tricking users and bypassing bank security checks. Victims are often unaware that their device has been compromised until they discover unauthorized transactions on their bank statements.
“ToxicPanda’s main goal is to initiate fund transfers from compromised devices through account takeover (ATO) using a technique called on-device fraud (ODF),” Cleafy researchers explained via Hacker News.
The report reveals that hundreds of users have been exposed to this trojan so far and most of these victims are from countries like Italy (56.8 percent), followed by Portugal (18.7 percent), Hong Kong (4.6 percent), Spain (3.9 percent), and Peru (3.4 percent).
How does ToxicPanda infect smartphones?
The researchers explain that ToxicPanda spreads primarily through sideloading – when users download and install apps from sources outside the official app stores, such as Google Play or the Galaxy Store. Cyber criminals create fake app pages to trick users into downloading malware. Although not available on major app stores, the malware is reportedly still under active development.
While the identity of ToxicPanda’s creators remains uncertain, Cleafy’s analysis suggests it likely originated in China, possibly Hong Kong.
How to protect yourself from ToxicPanda
Vigilance and caution are important to protect your Android device and sensitive financial information. Here are some safety tips to follow:
- Download apps only from official sources like Google Play Store or Galaxy Store. Sideloading from unofficial third-party sites greatly increases your risk of malware exposure.
- Update your software regularly as companies release updates with important security patches to avoid emerging threats. Make sure your device’s operating system and apps are up to date.
- Keep a close eye on your account activity. Set up alerts for suspicious transactions so you can be immediately notified of any unauthorized activity.
- Ignore installation prompts when browsing or using apps outside an official store. Such signs often indicate malware attempting to install itself on your device.