Toxicpanda: a dangerous Trojan that steals banking data. How to remove it and stay protected


Toxicpanda spreads mainly through fake websites that impersonate Google Chrome browser updates. Users who download the supposed update in fact install malware on their devices. A key defense against this threat is to download applications only from trusted sources such as Google Play, although even there, exceptions occur.
The malware abuses Android's system functions for people with disabilities (accessibility services), which allows it to take almost full control of the device. As a result, cybercriminals can bypass security measures and capture passwords and one-time authorization codes, which puts users in a particularly difficult situation.
Toxicpanda attacks Android smartphones. Main goal: banking data
The purpose of Toxicpanda is to steal banking login credentials. The malware can imitate the appearance of about 39 banking applications, displaying fake login windows. Entering a login and password in such a window sends this data directly to the cybercriminals.
Toxicpanda. How to remove it?
One of the biggest challenges with Toxicpanda is removing it. Attempts to uninstall the application or to disable the functions for people with disabilities are unsuccessful. As the TELEPOLIS.PL portal advises, the only effective method is to connect the phone via ADB and enter these commands:
- `adb shell am force-stop com.example.mysoul`
- `adb uninstall com.example.mysoul`
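A guarded version of the two commands above, as an added example that is not from the article or from TELEPOLIS.PL: it checks that a device is connected and the package is installed, reports any accessibility service the package holds, and confirms the package is gone afterwards. It assumes `adb` is on PATH and USB debugging is authorized on the phone; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article). Function names are hypothetical.
# Assumes adb is on PATH and USB debugging is authorized on the phone.

# Succeeds if package $1 is listed by the device's package manager.
pkg_installed() {
    adb shell pm list packages 2>/dev/null | tr -d '\r' |
        grep -Fxq "package:$1"
}

# Prints enabled accessibility services that belong to package $1.
pkg_accessibility_services() {
    adb shell settings get secure enabled_accessibility_services 2>/dev/null |
        tr -d '\r' | tr ':' '\n' | grep -F "$1/" || true
}

# Force-stops and uninstalls $1, then verifies that it is gone.
# Returns 0 removed, 1 not installed, 2 no device, 3 still present.
remove_package() {
    pkg=$1
    if ! adb get-state >/dev/null 2>&1; then
        echo "no authorized device connected" >&2
        return 2
    fi
    if ! pkg_installed "$pkg"; then
        echo "$pkg is not installed" >&2
        return 1
    fi
    svc=$(pkg_accessibility_services "$pkg")
    if [ -n "$svc" ]; then
        echo "enabled accessibility service: $svc" >&2
    fi
    adb shell am force-stop "$pkg" || true
    adb uninstall "$pkg" >/dev/null 2>&1 || true
    if pkg_installed "$pkg"; then
        echo "$pkg still present after uninstall" >&2
        return 3
    fi
    echo "$pkg removed" >&2
}

# Run only when a package name is passed, e.g.: sh remove.sh com.example.mysoul
if [ "$#" -gt 0 ]; then
    remove_package "$1"
fi
```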
Toxicpanda. Who is most exposed?
Analysis of the attacks indicates that Toxicpanda victims are mainly owners of lower-priced devices. In particular, models from the Samsung A, Xiaomi Redmi and Oppo A series are at risk. This shows that cybercriminals target users who may not be aware of the risk or may not invest in additional security.
Source: telepolis.pl




