This new malware can infect your Android device and steal sensitive information: How to stay safe

Updated on 06-Nov-2024
HIGHLIGHTS

ToxicPanda primarily spreads through sideloading.

Once downloaded, the malware gains access to sensitive information.

This malware originates from an earlier malware family known as TgToxic.

If you’re an Android phone user, beware! A new malware is surfacing online called the ToxicPanda. This malware is rapidly spreading worldwide rapidly and affecting Android users. The malware is disguised as trusted apps. A cybersecurity firm Cleafy reported that over 1,500 devices across Europe and Latin America have already been compromised by this malware. Countries most affected include Italy, with 56.8% of reported cases, followed by Portugal (18.7%), Hong Kong (4.6%), Spain (3.9%), and Peru (3.4%).

How does ToxicPanda work?

ToxicPanda primarily spreads through sideloading, when users don’t download apps from authorised playstores. The ToxicPanda malware infiltrates the devices by mimicking popular apps like Google Chrome and various banking apps. Users think that these apps are legit and download them. Once downloaded, the malware gains access to sensitive information and even bypasses standard banking security measures. According to Cleafy’s Threat Intelligence team, this malware intercepts OTPs and manipulates high-level device functions through Android’s accessibility features. Post that, attackers can remotely control infected devices and initiate unauthorised transactions.

This malware originates from an earlier malware family known as TgToxic. ToxicPanda is designed for financial fraud. Cybercriminals exploit on-device fraud (ODF) techniques to initiate money transfers from compromised devices through account takeovers (ATO). What this means is that victims won’t even find out about this until they check their account activity.

How can you protect yourself from ToxicPanda?

To protect yourself from ToxicPanda, follow these tips:

•   Download apps only from official sources like the Google Play Store.
•   Update your software regularly.
•   Monitor your account activity and set up alerts for suspicious transactions.
•   Ignore downloading apps from random links. 

Stay safe and vigilant and make sure that you keep monitoring your device for such activities.

Mustafa Khan

Mustafa is new on the block and is a tech geek who is currently working with Digit as a News Writer. He tests the new gadgets that come on board and writes for the news desk. He has found his way with words and you can count on him when in need of tech advice. No judgement. He is based out of Delhi, he’s your person for good photos, good food recommendations, and to know about anything GenZ.

Connect On :