1. Forum
  2. tqw
  3. TQW GENTECH

  • Dangerous Android banking malware looks to trick victims with fak

    From TechnologyDaily@1337:1/100 to All on Wednesday, November 06, 2024 20:30:05
    Dangerous Android banking malware looks to trick victims with fake money transfers

    Date:
    Wed, 06 Nov 2024 20:21:00 +0000

    Description:
    ToxicPanda is stealing money across Europe and Latin America, with Italy
    being particularly hit.

    FULL STORY ======================================================================ToxicPan da can initiate money transfers and even grab MFA codes The banking trojan is targeting consumers in Europe and Latin America More than 1,500 devices already compromised

    A Chinese hacker is targeting Android devices in Europe and Latin America
    with a banking trojan able to steal money from victims accounts.

    A new report from cybersecurity researchers Cleafy says the trojan, ToxicPanda, is quite similar to a piece of older, known malware called TgToxic, which was first spotted in 2023. The two have some similarities, although ToxicPanda can be described as a lite version, since many features seem to be stripped down, and some were left as simple placeholders.

    Despite being lighter, ToxicPanda is still a capable piece of malware. It can initiate money transfer, intercept one-time passwords (OTPs) generated both through SMS or authenticator apps, and manipulate user inputs. It can also steal sensitive information from the compromised device, and capture data
    from other apps. However, to do all that, the app needs to be given
    permission to access Androids accessibility services, which is a usual red flag for Android -borne malware. Years-long campaign

    In any case, the malware is usually hidden in fake Chrome, Visa, or 99 Speedmart apps, most likely distributed through third-party websites, social media channels, and possibly phishing. The malicious apps cannot be found on official app repositories (Google Play Store, Samsungs app store, or
    similar), and the researchers still speculate on how the apps are being advertised across the web.

    So far, the threat actor seems to have infected more than 1,500 Android devices. The majority is located in Italy (56.8%), and Portugal (18.7%), with other notable mentions being Hong Kong (4.6%), Spain (3.9%), and Peru (3.4%). The researchers discovered this information by accessing ToxicPandas command-and-control (C2) panel.

    The defense mechanisms against these types of attacks remains the same - be careful to only download apps from vetted sources.

    Via The Hacker News You might also like Volt Typhoon is actually a CIA
    asset, China claims Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/dangerous-android-banking-malware-looks -to-trick-victims-with-fake-money-transfers


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)