216.73.216.86

ToxicPanda: a new banking trojan from Asia hit Europe and LATAM

· Published 06/11/2024 11:19 · Modified 06/11/2024 11:36

Export JSON

Essential information

Published
06/11/2024 11:19
Modified
06/11/2024 11:36
Tags
2024-11-06 accessibility abuse aes encryption android banking trojan c2 infrastructure chinese threat actors europe latin america on-device fraud tgtoxic toxicpanda
Related entities
19 observables, 1 intrusion sets (apt), 2 malware, 7 others

Description

A new called has emerged, targeting and . Originating from Chinese-speaking threat actors, it has infected over 1500 devices across Italy, Portugal, Spain, and other countries. exploits accessibility services for account takeovers and . It can intercept OTPs, remotely control devices, and collect sensitive data. The malware uses for C2 communication and has a sophisticated control panel. While less advanced than some trojans, 's expansion into new regions marks a significant shift in the threat landscape.

External references