Home Tech Government Warns Banking Users of Android Malware That Pretends to Help Generate...

Government Warns Banking Users of Android Malware That Pretends to Help Generate Income Tax Refunds

The government has warned Android users in India about a malware called Drinik to steal sensitive information by promising to generate income tax refunds. Customers of more than 27 Indian banks have already been targeted with the malware, the Indian Computer Emergency Response Team (CERT-In) wrote in an advisory released online. The nodal agency that deals with cybersecurity threats says that the attackers target victims by sending them a link to a phishing website that looks similar to the Income Tax Department portal. It asks users to download a malicious app that installs the Drinik malware.

The Drinik malware was reportedly used as a primitive SMS stealer back in 2016. CERT-In, though, suggested that it evolved recently as a banking Trojan, targeting Indian customers.

As per the details provided in the advisory by the CERT-In, victims receive an SMS message containing a link to the phishing site. It asks for some personal information and then downloads the app. The malicious Android app acts like a genuine version of the solution created by the Income Tax Department to help generate tax refunds. It requires users to grant permissions to access SMS messages, call logs, and contacts and shows a refund application form that asks for details including full name, PAN, Aadhaar number, address, and date of birth, according to the advisory.

In addition to personal details, the CERT-In says that the app asks for financial details such as account number, IFSC code, CIF number, and even debit card number, expiry date, CVV, and PIN.

The attackers claim that these details will be used to help generate tax refunds sent directly to the account of the user. However, in reality, the agency notes that once the user taps the ‘Transfer’ button on the app, it shows an error and brings a fake update screen. This helps the attacker to run Trojan in the background that shares user details including their SMS messages and call logs.

By using the silently obtained details, the attackers are able to generate a bank-specific mobile banking screen to convince the user to enter their mobile banking credentials. These are later used for conducting financial frauds, the CERT-In said.

The agency advises banking customers to download apps directly from official app stores including Google Play. Users are also recommended to review the app details, number of downloads, user reviews, and comments before downloading an unknown app even from an official source. Additionally, the government body recommends users to not browse untrusted sites or follow untrusted links.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

Source link


macOS Monterey With New Safari Browser, Universal Control Coming as Free Update on October 25

Apple on Monday announced that macOS Monterey will be available as its latest operating system for Mac computers on October 25. The new...

MacBook Pro (2021) Models With a Display Notch, M1 Pro and M1 Max Processors Launched

Apple at its ‘Unleashed' event on Monday launched the new MacBook Pro models that are based on the company's new silicon called the...

Apple AirPods (3rd Generation) With AirPods Pro-Like Design, Spatial Audio Support Launched

Apple at its 'Unleashed' event on Monday unveiled the third-generation AirPods aka AirPods (3rd Generation). The new entry-level AirPods are the successor to...


Please enter your comment!
Please enter your name here

Most Popular

US Says “Intermediate Step” Of Brussels Meeting Not Necessary For Iran Talks

<!-- -->United States does not think talks in Brussels are necessary, spokesperson Ned Price said.Brussels: The United States does not think talks in...

ISKCON Over Attacks On Devotees In Bangladesh

<!-- -->Two ISKCON devotees were among those killed in the recent attacks on Hindu temples.Mayapur: The International Society for Krishna Consciousness (ISKCON) on...

US Says “No Hostile Intent” Towards North Korea, Still Ready For Talks

<!-- -->A US envoy said the United States has no hostile intent following a spike in tensions. (Representational)Washington: A US envoy made a...

British Prime Minister Boris Johnson Outlines 30,000 Green Jobs Boost

<!-- -->British PM Boris Johnson said green investment is key to growing country's economy.London: Spanish renewable energy giant Iberdrola has committed to invest...

Recent Comments