Android users alert !! Drinik trying to steal online banking information, secure now !! - YP Buzz

 YP Buzz - 

                  The CERT-In is warning Android users about a new malware called Drinik trying to steal online banking information. The malware campaign is said to target more than 27 Indian banks, including major public and private banks. Here's what you need to know.

                                                                         
Android Phones

What is Drinik Android malware specific to online banking users?


As suggested by CERT-IN, Malin Android malware has targeted Indian bank users and is spreading in a subtle way for Tax Refunds. It is a bank robbery that can commit the crime of stealing sensitive information and enticing users to enter sensitive bank details.


How is the new malware installed on Android phones?


How Drinik works, CERT-In said, “The victim receives an SMS with a link to the website to steal sensitive information from the malicious APK file. to complete verification. This vicious Android app pretends to be a Tax Department app.


What does malware do when it is installed on an Android phone?


After installation, the application asks the user to provide the necessary permissions such as SMS, call logs, contacts etc. If the user does not enter the information on the website, the same screen and form is displayed in the Android app and the user has requested to fill in to continue.


What personal information was stolen by Drinik?


Details include full name, PAN, Aadhaar number, address, date of birth, mobile number, email address, and financial details such as account number, IFSC code, CIF number, bank card number, expiration date, CVV, and PIN.


How is malware detected?


After personal information is entered by the user, the app states that there is a refund amount of Income that can be transferred to the user's bank account. When a user enters a value and clicks "Forward", the app shows an error and displays false reviews. While the update screen is displayed, the backend Trojan sends user information including SMS and call logs to the attacker's machine.


According to CERT-In, “This information is then used by the attacker to generate a specific bank mirror on the bank and transfer it to the user's device. The user is then asked to enter the relevant banking details held by the attacker. ”


What to do to stay safe from such an attack?


Do not browse unreliable websites or follow unreliable links and be careful while clicking on the link provided for any unsolicited emails and SMS. Look for suspicious numbers that do not look like real phone numbers. Scammers often hide their identity through the use of email-to-mobile services to avoid revealing their phone numbers.


Warning about abbreviated URLs, such as those that include bit.ly and TinyURL. Users are advised to submit their references to the abbreviated URLs (if possible) to see the full domain of the website they are visiting or to use a URL scanner that will allow the user to enter a short URL and view the full URL. Users can also use the accessibility preview feature to see the full URL preview.


Thanks & Regards

 YP Buzz

Post a Comment

0 Comments

-->