Technical News Office,A potential banking Trojan named ToxicPanda is in the early stages of development. Researchers from Europe and Latin America discovered it. This Trojan is believed to come from another banking Trojan discovered in 2023. With the help of ToxicPanda, the accounts of hacked smartphones are controlled remotely. Through this, cyber attackers can transfer money from the affected user’s account. ToxicPanda was reportedly found on over 1,500 devices. The attackers targeted users of 16 banking establishments.
Clefy Threat Intelligence researchers discovered new Android malware in October. Previously it had been identified as TgToxic. Apart from this, another banking Trojan was also discovered last year by Clefi researchers. The Android malware found was not TgToxic. After that, researchers began tracking it under the name Toxicpanda. Warned that the malware could cause an account takeover (ATO) once a victim’s device is infected.
Researchers claim that ToxicPanda can deceive the user, fail its banking security measures, and cause financial loss to the user. Thanks to the accessibility services present in Android smartphones, ToxicPanda can steal data from all applications. It is so smart that it can even avoid security features like OTP. Users believe that the Chinese are the creators of the ToxicPanda malware and to date it has infected more than 1,500 devices. Most users come from Italy. Then, people in Portugal, Spain, France and Peru were affected. Researchers say existing antivirus solutions fail to detect threats like ToxicPanda. It also shows that malware creators in China are now focusing on other markets.
Share this story
