ToxicPanda

Description

(Cleafy) ToxicPanda belongs to the modern RAT generation of mobile malware, as its Remote Access capabilities allow Threat Actors (TAs) to conduct Account Takeover (ATO) directly from the infected device, thus exploiting the On Device Fraud (ODF) technique. The consolidation of this technique has already been seen in other banking trojans, such as Medusa, Copybara, and, recently, BingoMod. Adopting a manual approach has several advantages: it requires less skilled developers, and TAs can distribute the malware’s target base to any banking customers and bypass various behavioral detection countermeasures put in place by multiple banks and financial services.

Names

Name
ToxicPanda

Category

Malware

Type

  • Banking trojan
  • Backdoor

Information

Malpedia

Other Information

Uuid

967382b3-4f2a-40d5-b0de-3542861b554b

Last Card Change

2024-12-27