Home
Apps
Apps News
Government Warns Banking s of Android Malware That Pretends to Help Generate Income Tax Refunds

Government Warns Banking s of Android Malware That Pretends to Help Generate Income Tax Refunds 2y23w

CERT-In suggested that the Drinik malware evolved recently as a banking Trojan targeting Indian customers. 3x1e5t

By Jagmeet Singh | Updated: 23 September 2021 17:37 IST

Government Warns Banking s of Android Malware That Pretends to Help Generate Income Tax Refunds

Photo Credit: Unsplash/ Denny Müller 11l4t

Customers of more than 27 Indian banks may have been targeted using the malware

Highlights

CERT-In has issued an advisory to warn s about the malware
Indian bank customers are targeted for sensitive and financial data
Attackers pretend to help s generate tax refunds through an app

ment

The government has warned Android s in India about a malware called Drinik to steal sensitive information by promising to generate income tax refunds. Customers of more than 27 Indian banks have already been targeted with the malware, the Indian Computer Emergency Response Team (CERT-In) wrote in an advisory released online. The nodal agency that deals with cybersecurity threats says that the attackers target victims by sending them a link to a phishing website that looks similar to the Income Tax Department portal. It asks s to a malicious app that installs the Drinik malware.

The Drinik malware was reportedly used as a primitive SMS stealer back in 2016. CERT-In, though, suggested that it evolved recently as a banking Trojan, targeting Indian customers.

As per the details provided in the Income Tax Department to help generate tax refunds. It requires s to grant permissions to access SMS messages, call logs, and s and shows a refund application form that asks for details including full name, PAN, Aadhaar number, address, and date of birth, according to the advisory.

'BlackRock' Android Malware Can Steal Banking Credentials, Says CERT-In

In addition to personal details, the CERT-In says that the app asks for financial details such as number, IFSC code, CIF number, and even debit card number, expiry date, CVV, and PIN.

The attackers claim that these details will be used to help generate tax refunds sent directly to the of the . However, in reality, the agency notes that once the taps the ‘Transfer' button on the app, it shows an error and brings a fake update screen. This helps the attacker to run Trojan in the background that shares details including their SMS messages and call logs.

By using the silently obtained details, the attackers are able to generate a bank-specific mobile banking screen to convince the to enter their mobile banking credentials. These are later used for conducting financial frauds, the CERT-In said.

The agency advises banking customers to apps directly from official app stores including Google Play. s are also recommended to review the app details, number of s, reviews, and comments before ing an unknown app even from an official source. Additionally, the government body recommends s to not browse untrusted sites or follow untrusted links.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

links may be automatically generated - see our ethics statement for details.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.