This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
There’s a new malware, and it’s wreaking havoc on Android users. Drinik is a malware that steals vital data and financial credentials from a smartphone user. CERT-In, the Indian Computer Emergency Response Team, has issued a warning to many banks. Customers of 27 public and private banks in the country have been hit by the malware so far.
The Drinik malware is presently imitating an Income Tax Department application, and after a user has been duped into downloading it, it collects all sensitive data. Not only that, but the malware also forces the user to complete a transaction, after which it crashes and displays a bogus warning. In the meantime, it gathers all of the essential information from the user.
In 2016, the Drinik malware was apparently utilised as a primitive SMS hacker. CERT-In, on the other hand, speculated that it had lately morphed into a banking Trojan aimed at Indian customers. Victims receive an SMS message with a link to the phishing site, according to the details mentioned in the CERT-In advisory. It then requests some personal information before downloading the application.
The malicious Android application imitates a legitimate version of the Income Tax Department’s solution for generating tax refunds. According to the advisory, it asks for authorization to view SMS messages, phone records, and contacts, as well as a refund application form that requests information like as full name, PAN, Aadhaar number, address, and date of birth.
Following that, all sensitive banking information such as account number, IFSC code, CIF number, debit card number, expiration date, CVV, and PIN is requested. According to
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Drinik Malware is Fooling Users to Give in their Mobile Banking Details