
ToxicPanda Malware On Android Phones Is After Your Bank Accounts!

A new ToxicPanda malware is wreaking havoc on Android phone users, compromising their bank accounts. Here is everything you need to know about it. 

By Amritanshu Mukherjee

Android phone users now have another reason to stay away from third-party APK downloads. A new malware, called ToxicPanda, is out in the wild, hunting for innocent people’s bank accounts and you could be next on the list.

The malware situation on Android is much better than it was around 10 years ago. However, despite monumental efforts on Google’s part, threat actors continue to find loopholes and carry out dangerous cyberattacks on the masses, compromising financial and identity security. This new one on the block, called ToxicPanda, has also claimed several victims across the world, and despite early detection, there’s a possibility that the actors behind it could be revising the code to target your phone next.

However, ToxicPanda, like most other malware, can be kept away if users follow certain core security protocols and rely on their presence of mind. 

Hence, let’s take a look at why the ToxicPanda malware is dangerous for Android phone users and how you can keep it at bay.


ToxicPanda malware: What does it do?

ToxicPanda is an Android banking malware that infiltrates devices by posing as popular financial apps. The malware imitates certain popular third-party apps and can bypass bank security countermeasures to carry out fraudulent transactions. It has already affected over 1,500 Android phone users in many countries.

The malware has been found to share code with TgToxic, another banking malware that wreaked havoc in Southeast Asia a couple of months ago. The Cleafy Threat Intelligence team published a report stating that ToxicPanda bases itself on TgToxic and aims to “initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called On-Device fraud (ODF).”


Once it is on the affected device, ToxicPanda makes use of Android’s accessibility services to gain permissions to crucial device functions. It then manipulates user inputs and even gains access to several other necessary apps. The malware can intercept one-time passwords (OTPs) sent over SMS or generated by authenticator apps, allowing the hackers behind it to bypass two-factor authentication and carry out fraudulent transactions.

The malware often poses as popular apps like Google Chrome and Visa, as well as a couple of dating and shopping apps, to mislead people into downloading it from websites and third-party sources.
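One way to check a device for the combination described above, an enabled accessibility service that belongs to an app not installed from a trusted store, is sketched below. This is an added example, not code from the article or from Cleafy's report; it assumes the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i` has been captured as text, the trusted-installer list is an assumption to adjust, and the sample package names are constructed.

```python
import re

# Installer packages treated as trusted stores (assumption; adjust as needed).
TRUSTED_INSTALLERS = {"com.android.vending", "com.sec.android.app.samsungapps"}

def parse_enabled_services(settings_output):
    """Split the colon-separated package/class list into (package, component) pairs."""
    text = settings_output.strip()
    if not text or text == "null":
        return []
    return [(c.split("/", 1)[0], c) for c in text.split(":") if "/" in c]

def parse_installers(pm_output):
    """Map each package in `pm list packages -i` output to its installer (None if unset)."""
    installers = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            inst = m.group(2)
            installers[m.group(1)] = None if inst == "null" else inst
    return installers

def flag_sideloaded_accessibility(settings_output, pm_output):
    """Return enabled accessibility services whose app did not come from a trusted store.
    Preinstalled system apps also report no installer, so findings need manual review."""
    installers = parse_installers(pm_output)
    findings = []
    for package, component in parse_enabled_services(settings_output):
        installer = installers.get(package)
        if installer not in TRUSTED_INSTALLERS:
            findings.append({"package": package, "service": component,
                             "installer": installer})
    return findings

# Constructed sample output; com.example.* names are made up for illustration.
SAMPLE_SETTINGS = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.chrome.update/com.example.chrome.update.A11yService"
)
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.chrome.update  installer=null
package:com.example.bank  installer=com.android.vending"""

if __name__ == "__main__":
    for f in flag_sideloaded_accessibility(SAMPLE_SETTINGS, SAMPLE_PM):
        print(f"REVIEW {f['package']} ({f['service']}) installer={f['installer']}")
```
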


Which regions have been affected by ToxicPanda?

So far, the malware has been reported to affect approximately 1,500 Android devices across various countries around the world. Italy is said to be the most affected region, followed by Portugal, Hong Kong, Spain and Peru. India hasn’t seen any victims of the malware so far.

How to stay safe from malware like ToxicPanda

Threat actors continue to find loopholes in Android owing to its open-source nature but Google has implemented several measures on its part to keep such apps away from innocent people’s reach.

As an Android phone user, here are a couple of measures you can take to keep your data and device safe from threat actors.

- Never download any apps from websites. Most malware poses as popular apps and pushes users to download an APK file. These modified APK files, when installed, pave the way for malware and other malicious apps to gain access to your device’s core controls and allow threat actors to take control of it remotely.

  Always ensure that you download new apps and their updates from trusted app stores like the Google Play Store and Samsung Galaxy Apps store. Exercise additional caution while downloading banking and dating apps, since threat actors often target the user base of these apps.

- Even while downloading apps/updates from licensed app stores, you should always check the details of the developer. 

- Never share your banking OTPs with anyone over text messages or phone calls. 
