This Android Malware Steals Mobile Banking Data; Know How to be Safe

For representational purpose

For representational purpose


The Indian Computer Emergency Response Team (CERT-In) has issued a warning to several banks for the same. The Drinik malware is mimicking an income tax app, tricking users into providing all their mobile banking and other crucial data. Here's how to stay safe.

There is a new malware called Drinik, that is wreaking havoc among Android smartphone users. Drinik is stealing crucial data and banking credentials from a smartphone user. The Indian Computer Emergency Response Team (CERT-In) has issued a warning to several banks for the same. So far, the malware has targeted clients of 27 banks in the country's public and private sectors.

The Drinik malware is becoming an application of the income tax department and once it tricks a user into downloading it, it intelligently collects all the sensitive information. Not only that, the malware even forces the user to make a transaction, after which it crashes and displays a fake message. Meanwhile, it collects all the necessary data from the user.

Drinik Android Malware Steals Bank Details

CERT-In has explained in detail how this malware feeds on its victim. The process starts by sending the victim an email or SMS with a link to the phishing address. The email or SMS mimics an official government site (in this case, the income tax department) in an attempt to lure the victim.

The link gives way to an application and once the user installs it on their device, the application requests access to all the basic permissions of the device, such as call logs, SMS history, contacts, photos and media, and more. Then there is a form within the app that asks for the full name, PAN, Aadhaar number, address, date of birth (DoB), mobile phone number, and email ID.

The next step involves requesting all confidential bank information, such as account number, IFSC code, VAT number, debit card number, expiration date, CVV, and PIN. Once this information is entered, the application asks the user to make a transaction as a refund amount. As soon as the transaction is done, the application shows an error with a fake update page.

During all this time, the malware has collected all the crucial and sensitive financial data of the victim and sent it to the cybercriminal.

Here's how to stay safe:

Although the CERT-In team has provided some technical aspects to verify, the easiest way to avoid the incident is to avoid visiting suspicious links in SMS messages and emails. Never download apps or open sites from suspicious messages or emails.

Show Full Article
Print Article
Interested in blogging for We will be happy to have you on board as a blogger.
Next Story
More Stories