ToxicPanda: a new banking trojan from Asia hit Europe and LATAM
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A new Android banking Trojan called ToxicPanda has emerged, targeting Europe and Latin America. Originating from Chinese-speaking threat actors, it has infected over 1500 devices across Italy, Portugal, Spain, and other countries. ToxicPanda exploits accessibility services for account takeovers and on-device fraud. It can intercept OTPs, remotely control devices, and collect sensitive data. The malware uses AES encryption for C2 communication and has a sophisticated control panel. While less advanced than some trojans, ToxicPanda's expansion into new regions marks a significant shift in the threat landscape.
OPENCTI LABELS :
latin america,banking trojan,android,on-device fraud,aes encryption,c2 infrastructure,chinese threat actors,toxicpanda,accessibility abuse,tgtoxic,europe
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM