Drinik Malware Now Targets 18 Indian Banks

 

Drinik Malware Now Targets 18 Indian Banks

 

A new upgraded variant of Drinik Android trojan is targeting 18 Indian banks and stealing personal and bank account information from the victims. Drinik has been circulating in India and operating as an SMS stealer since 2016,

 


The new campaign

Drinik is impersonating the Income Tax Department of India and targeting potential victims across 18 Indian banks to steal their income tax credentials.

  • The latest variant of the malware, found in August, is being distributed as an APK file (iAssist.apk) that is integrated into the iAssist app for Android.
  • It lures victims to claim an instant tax refund, tricking them into submitting personal details such as full name, Aadhar number, PAN number, and financial information.
  • The phishing scam is targeting 18 Indian banks, including the State Bank of India by abusing Accessibility Service. This way, it obtains the necessary permissions to perform several tasks on the compromised systems.

 

Other variants

Researchers disclosed two other variants—spotted in February, 2022 and September, 2021—primarily harvesting credentials via phishing pages. However, the latest variant is equipped with some advanced capabilities as well.

 

What are the advanced capabilities?

  • The latest malware is capable of screen recording and keylogging to harvest credentials. It abuses CallScreeningService to manage incoming calls.
  • It receives commands via FirebaseCloudMessaging and launches overlay attacks.

 

A previous connection

  • According to Cyble researchers, the latest campaign is launched by the same group that attacked Indian banks in September 2021.
  • The group used the same IP address for its command and control communication in both campaigns.

 

How to stay safe from Drinik malware?


Step 1: Download and install apps from Play Store only.

Step 2: Enable biometric authentication security on apps and for the lock screen.

Step 3: Never click on a link you receive from a random number or source.

Step 4: Use Google Play Protect to check your apps and devices for harmful behavior. Google Play Protect is on by default, but you can turn it off. For security, we recommend that you always keep Google Play Protect on.

            I. Open the Google Play Store app Google Play.

            II. At the top right, tap the profile icon.

            III. Tap Play Protect and then Settings.

            IV. Turn Scan apps with Play Protect on or off.

Step 5: Change app permissions on your Android phone: You can allow some apps to use various features on your phones, such as your camera or contacts list. An app will send a notification to ask for permission to use features on your phone, which you can Allow or Deny.

You can also change permissions for a single app or by permission type in your phone's Settings.

 

Comments

Post a Comment

Popular posts from this blog

📊 Why Filing Your Income Tax Return (ITR) is a Game-Changer! 🌟

Image
📊 Why Filing Your Income Tax Return (ITR) is a Game-Changer! 🌟 Ever wondered why filing an Income Tax Return (ITR) is so important? 🤔 It’s not just about paying taxes ITRs offer a range of benefits that can make a huge difference in your financial life! Here’s a quick rundown of why you should file your ITR and the perks that come with it. 🚀 🔍 What is an Income Tax Return (ITR)? An ITR is a form you use to report your income, taxes, exemptions, and deductions to the Income Tax Department. It’s essential for determining your tax liabilities and potential refunds. 💵 Who Needs to File an ITR? Income Threshold: If you earn more than ₹2.5 lakh (₹3 lakh for seniors, ₹5 lakh for super seniors) annually, you need to file. Businesses: Registered businesses must file regardless of profitability. NRIs & Foreign Assets: Those with foreign income or assets must file. High Expenses: If you spend over ₹2 lakh on international travel or paying over ₹1 lakh in electricity bills or deposit...
Read more

🔒 Navigating Cybersecurity Challenges in Accounting: Protecting Your Data in the Digital Age 🔒

Image
🔒 Navigating Cybersecurity Challenges in Accounting: Protecting Your Data in the Digital Age 🔒   As digital transformation revolutionizes the accounting sector, cyber threats loom large. Accounting professionals and firms are prime targets for cybercriminals due to the sensitive financial data they hold. While technology brings efficiency, it also exposes firms to risks, emphasizing the need for robust cybersecurity solutions.   💼 Why Cybersecurity is Crucial in Accounting:   Hackers are increasingly innovative, targeting financial data for illicit gain. Companies must prioritize implementing security measures to combat unauthorized access and data breaches.   🔍 Understanding Cyber Threats:   Cyberattacks occur daily, aiming to access sensitive information such as transaction details, account numbers, and personal data. Accounting firms, rich in cash reserves, attract these threats, making cybersecurity vital for all, regardless of size. ...
Read more

🚀 Unlocking India's IT Future: Trends Driving Growth 🌟

Image
 🚀 Unlocking India's IT Future: Trends Driving Growth 🌟 As we step into the future, the landscape of India's IT industry is set to undergo remarkable transformations. Here are the top trends that will shape the growth trajectory of Indian IT firms in the years to come: Digital Transformation:  📲 The wave of digital transformation sweeping through industries will only intensify. From streamlining operations to enhancing customer experiences, businesses are hungry for innovative solutions. Cloud Computing: ☁️ Embracing the cloud is no longer an option but a necessity. Expect a surge in cloud adoption as organizations recognize the scalability and cost-efficiency it offers for their IT needs. Artificial Intelligence and Machine Learning:  🤖 AI and ML are not just buzzwords; they're becoming indispensable tools for driving innovation across sectors like healthcare, finance, retail, and manufacturing. Cybersecurity: 🔒 With cyber threats on the rise, protectin...
Read more