Name of Malware: ToxicPanda

Type of Malware: Banking-Trojaner, RAT

Affected Operating Systems: Android

Affected Device Types: Mobile phones, smartphones, tablets

Impact: high

What is ToxicPanda?

ToxicPanda is a banking Trojan designed for Android devices. It takes complete control of an infected device and is also capable of intercepting 2FA codes sent via SMS. The malware is primarily used to carry out unwanted transactions on behalf of the victim.

How did I get infected with ToxicPanda?

ToxicPanda requires the active installation of an infected application outside the Google Play Store, which pretends to be a harmless one, such as a browser or a dating app.

What do I have to do now?

The compromised device can be disinfected by removing the app, which ToxicPanda will try to prevent. It may be necessary to perform a factory reset.

Further information on removing this malware can be found under Removing infections from smartphones and tablets.

Technical specifications

Further information on this malware can be found on the website of our project partner Fraunhofer FKIE.