Delete this from your phone immediately. It steals your banking credentials.

• ToxicPanda, the malware that targets Android phones, is once again becoming a serious threat.
• The malware is spread by fake websites offering supposed Google Chrome updates.
• The main victims are users of Samsung A, Xiaomi Redmi and Oppo A models.

According to "Telepolis," ToxicPanda, first detected in 2022, is back in the spotlight. The latest attacks are focused on selected European countries, including Poland. Furthermore, the malware is constantly being improved, giving cybercriminals increasingly effective tools to carry out attacks.

The malware targets Android phones. It's being distributed via fake websites that claim to offer crucial updates to Google Chrome, we read.

Many users unknowingly install malware , so it is extremely important to only download applications from trusted sources.

How does ToxicPanda work? "Telepolis" explains that it uses accessibility features designed for people with disabilities, which allows it to gain almost complete control over its phone. This allows it to:

• bypass system security measures,
• capture confidential data such as passwords or one-time authorization codes.

Fraudsters using ToxicPanda are primarily interested in acquiring banking login credentials. The malware can display fake windows and applications that pretend to be banking login pages. By entering their data, users unknowingly provide it to cybercriminals. Currently, the malware is capable of imitating approximately 39 different banking applications.

Analysis shows that the main victims of ToxicPanda are users of phones from the following series:

• Samsung A,
• Xiaomi Redmi,
• Oppo A.