Android Malware: ToxicPanda is a new and dangerous malware that is especially targeting Android users. Bank accounts are being put at risk through this malware. This malware spreads by disguising itself as popular apps like Google Chrome and banking apps. According to a report by cyber security company Cleafy, more than 1500 devices in Europe and Latin America have been affected by this malware.
ToxicPanda is derived from an older malware family called TgToxic and is specifically designed to bypass banking security. It withdraws money from users' accounts without permission. It uses Android's accessibility features to steal one-time passwords from targeted users and also allows it to control high-level functions of the device.
This malware misleads users as it disguises itself as trusted apps like Google Chrome and banking apps. Users do not even know that their device is infected with malware. However, users realize this when they see any unauthorized transactions from their account.
ToxicPanda spreads through sideloading, meaning when users download apps from third-party websites instead of official app stores like Google Play or Galaxy Store. This malware is actively being developed and is being created by Chinese (possibly Hong Kong) hackers.
Only download apps from official sources like Google Play Store or Galaxy Store. Downloading apps from third-party sites can be dangerous.
Update your software regularly. Companies release updates with security patches, which protect you from new threats.
Monitor your bank account activity and set alerts for any suspicious transactions.
Ignore unauthorized app installation prompts that try to install malware through apps.
