Drinik Malware Now Targets 18 Indian Banks

 

Drinik Malware Now Targets 18 Indian Banks

 

A new upgraded variant of Drinik Android trojan is targeting 18 Indian banks and stealing personal and bank account information from the victims. Drinik has been circulating in India and operating as an SMS stealer since 2016,

 


The new campaign

Drinik is impersonating the Income Tax Department of India and targeting potential victims across 18 Indian banks to steal their income tax credentials.

  • The latest variant of the malware, found in August, is being distributed as an APK file (iAssist.apk) that is integrated into the iAssist app for Android.
  • It lures victims to claim an instant tax refund, tricking them into submitting personal details such as full name, Aadhar number, PAN number, and financial information.
  • The phishing scam is targeting 18 Indian banks, including the State Bank of India by abusing Accessibility Service. This way, it obtains the necessary permissions to perform several tasks on the compromised systems.

 

Other variants

Researchers disclosed two other variants—spotted in February, 2022 and September, 2021—primarily harvesting credentials via phishing pages. However, the latest variant is equipped with some advanced capabilities as well.

 

What are the advanced capabilities?

  • The latest malware is capable of screen recording and keylogging to harvest credentials. It abuses CallScreeningService to manage incoming calls.
  • It receives commands via FirebaseCloudMessaging and launches overlay attacks.

 

A previous connection

  • According to Cyble researchers, the latest campaign is launched by the same group that attacked Indian banks in September 2021.
  • The group used the same IP address for its command and control communication in both campaigns.

 

How to stay safe from Drinik malware?


Step 1: Download and install apps from Play Store only.

Step 2: Enable biometric authentication security on apps and for the lock screen.

Step 3: Never click on a link you receive from a random number or source.

Step 4: Use Google Play Protect to check your apps and devices for harmful behavior. Google Play Protect is on by default, but you can turn it off. For security, we recommend that you always keep Google Play Protect on.

            I. Open the Google Play Store app Google Play.

            II. At the top right, tap the profile icon.

            III. Tap Play Protect and then Settings.

            IV. Turn Scan apps with Play Protect on or off.

Step 5: Change app permissions on your Android phone: You can allow some apps to use various features on your phones, such as your camera or contacts list. An app will send a notification to ask for permission to use features on your phone, which you can Allow or Deny.

You can also change permissions for a single app or by permission type in your phone's Settings.

 

Comments

Post a Comment

Popular posts from this blog

Is Ethonal the next game changer?

Image
Is Ethanol blending the next game changer?  India's E20 India launched a pilot for E20, or petrol blended with 20% ethanol at the ‘India Energy Week’ in Bengaluru, bringing forward by two years the launch of a cleaner-burning version of petrol. What is Ethanol Blending? Ethyl alcohol or Ethanol (C2H5OH) is a biofuel that is naturally made by fermenting sugar. While it is mostly derived by extracting sugar from sugarcane, other organic matter like foodgrains can also be used for its production. As part of its carbon reduction commitments, India has launched the Ethanol Blended Petrol (EBP) programme to mix this biofuel with petrol to reduce the consumption of fossil fuel. Earlier, the government announced the achievement of E10 target, that is, the petrol used in the country has 10% ethanol in it. Then PM launched the pilot of E20 across at least 15 cities. The same is expected to be rolled out across the country in a phased manner in the coming months and years. Why E20
Read more

🌟 Embracing Economic Flourish: The Grandeur of Indian Weddings! 🎊💼

Image
🌟 Embracing Economic Flourish: The Grandeur of Indian Weddings! 🎊💼   The Indian wedding season isn't just a celebration of love; it's a powerhouse for businesses and the economy! Here's a glimpse into the thriving industries set to shine during this festive period:   1. Glittering Gold Rush: Jewelry Industry 💍 Indulge in the dazzling allure of gold and diamonds as the jewelry industry anticipates a massive surge, contributing up to 60% of the year's total revenue.   2. Fashion Forward: Fashion and Apparel Industry 👗 From breathtaking bridal wear to stunning guest ensembles, the fashion and apparel industry gears up for high demand, setting trends and adding glam to the celebrations.   3. Hospitality High: Hospitality Industry  🏨  As guests travel far and wide, hotels and resorts experience a surge in occupancy, boosting revenue and creating job opportunities in the thriving hospitality sector.   4. Mastering the Grandeur: Wedding Plannin
Read more

Do you think India really needs another time zone?

Image
Do you think India really needs another time zone? Each night, the sun sets over an hour and a half later in western India than in the east of the nation, yet the whole nation follows a similar time region. Later nightfall implies individuals stay conscious longer, which prompts lack of sleep among youngsters and adversely influences their review endeavors, another concentrate by an examination researcher at Cornell University has found. Because of resting late, kids are less inclined to finish essential and center school, and this effect is generally articulated among unfortunate families, says the review, ‘Poor Sleep: Sunset Time and Human Capital Production’, which investigated the outcomes India faces by working under a solitary time region. "Back-of-the-envelope gauges propose that India causes yearly human resources expenses of generally $4.1 billion (almost Rs 29,000 crore) or 0.2% of ostensible GDP [Gross Domestic Product] because of the current arrangement directing time r
Read more