ToxicPanda: A sneaky banking trojan wreaking havoc in Europe and Latin America
Recently, a new banking Trojan known as ToxicPanda has started affecting users in Europe and Latin America, infecting over 1,500 devices. This malicious software aims to steal banking information and funds from its victims’ accounts and has quickly spread, impacting countries like Italy, Portugal, Hong Kong, Spain, and Peru.
What is ToxicPanda and how does it affect devices?
ToxicPanda is a simplified variant of the TgToxic malware, identified in 2023. Although it has fewer functionalities, it remains a critical threat capable of intercepting one-time passwords (OTPs) and stealing confidential data. This malware requires accessibility permissions on Android, which is a red flag. Once installed, the Trojan allows attackers to siphon money, intercept authentication messages, and access private information on the device.
How does ToxicPanda spread?
According to reports from TechCrunch, ToxicPanda hides in fake applications that mimic Chrome, Visa, and 99 Speedmart. These applications are distributed through third-party websites, social networks, and potentially phishing campaigns. Fortunately, the malware is not available in official stores like Google Play Store or Samsung’s app store, reducing the risk for users who only download from verified sources.
To prevent infections from ToxicPanda, it is essential to download applications only from official stores and avoid suspicious links on social networks or text messages. Additionally, it is advisable to review the permissions requested by installed applications, as accessibility permissions for suspicious apps can be a sign of malware.
The ToxicPanda attack serves as a reminder of the importance of taking precautions when downloading applications and having adequate security measures on our devices.
