Ground Report | New Delhi: What is Drinik Android Malware; Cases of banking scams are increasing rapidly in the country. Keeping these matters in mind, the Central Government’s Indian Computer Emergency Response Team (CERT-In) has issued a warning regarding a new malware, named Drinik.
Through this new malware, hackers have tried to steal the banking login details of Android users. It is said that this malware has targeted more than 27 public and private sector Indian banks.
ALSO READ: These are the 10 Poorest states in India
What is Drinik Android Malware?
According to CERT-IN, Drinik is an Android malware. Hackers are stealing sensitive banking information from people through this malware. This malware uses phishing tricks to target people.
- When the user enters the amount and clicks on the transfer button, the application shows an error and displays a fake update screen. Whereas in the backend, the hacker steals personal information like SMS and call logs of the user through malware.
- According to CERT-IN, “Using such information, the hacker generates a banking form and presents it on the user’s device. The user is then requested to enter the mobile banking credentials. Thereafter, all the user’s information reaches the hacker.
Explaining how Drinik works, CERT-IN has said that the victim receives an SMS related to an income tax refund, which contains a malicious link. The victim is asked to enter personal information in this link and download the APK file. In this way, this malware gets installed on the phone. It is worth noting that the interface of this app is similar to the mobile app of Income Tax.
ALSO READ: These are the 10 richest states in India
- It added that the victim receives an SMS containing a link to a phishing website (similar to the Income Tax Department website), where they are asked to download and install a malicious APK file to enter personal information and complete verification. is called.
- “This malicious Android app masquerades as an Income Tax Department app and after installation, the app asks the user to give necessary permissions like SMS, Call Log, Contacts, etc. In case the user does not enter any information on the website, the form with the same screen is displayed in the Android application and the user is asked to fill in to proceed,” it said.
- This data to be filled includes full name, PAN, Aadhaar number, address, date of birth, mobile number, email address and financial details like account number, IFS code, CIF number, debit card number, expiry date, CVV and PIN. adds up.
- The victim is asked to enter personal information in this link and download the APK file. In this way this malware gets installed in the phone. It is worth noting that the interface of this app is similar to the mobile app of Income Tax.
Ways to avoid malware
- CERT-In says to always download the mobile app from Google Play store or App Store to avoid any virus or malware. These platforms are less likely to contain malware apps. This keeps your device safe from hackers.
- Hackers sometimes send phishing messages to hack the device. These messages contain malicious links, with the help of which hackers can easily crack the phone’s security and install viruses.
- Such messages should be deleted immediately. Also, always keep in mind that do not forget to open the link given in such a message.
File Type: .apk