Recently a Trojan malware has been detected which is attacking Indian bank customers using Android phones. The malware has already attacked customers of 27 public and private sector banks. Indian Computer Emergency Response Team or CERT-In has said this in its latest advisory.

Malware is software that is designed to harm computer systems. CERT-In on Tuesday said the new malware is luring people in the form of an “income tax refund” that could “effectively jeopardize the privacy of sensitive customer data and lead to massive attacks and financial fraud”. could”.

Users are being targeted by Drinik malware

CERT-In said that customers are being targeted by Drinik Android malware. CERT-In told PTI, “Drinik started as a primitive SMS evader in 2016 and has recently evolved into a banking trojan that displays phishing screens and allows users to enter sensitive banking details. persuades to do.”

Let us tell you that CERT-In is the federal technology branch to prevent cyber attacks and protect Indian cyberspace against malware, hacking attacks, and similar online attacks. The CERT-In advisory describes the process of attack and how to protect the customers.

Users are being victimized in this way

To complete the verification, the victim first receives an SMS with a link to download the malicious APK file. They are asked to enter their personal information. This website is like the website of the Income Tax Department, due to which people fall prey to it.

The CERT-In advisory states, “This malicious Android app appears as an app of the Income Tax Department and after installation, the app asks the user to give necessary permissions such as SMS, call logs, contacts. If the user does not enter any information on the website, the same screen with the form is shown in the Android application and the user is asked to fill it to proceed.

Users running Android phones can be victims of fraud at any time

This is how the user’s details are misused

The required data to be entered include PAN, Aadhaar Number, Address, Date of Birth, Mobile Number, Email Address, IFSC Code, Debit Card Number, and CVV, etc. When the user enters the amount and clicks on “Transfer”, the app shows an error showing a fake update screen. In its backend, the Trojan sends user details including SMS and call logs to the attacker’s machine.

The advisory states, “These details are used by the attacker to create the mobile banking screen and access the user’s machine. The user is then requested to enter the mobile banking credentials which are accessed by the attacker.

Users should take these steps

CERT-In has asked users to immediately report any unusual activity in their account to their bank. Users can also send complaints to CERT-In at

Also Read: NCB Full Form: What is NCB?


Please enter your comment!
Please enter your name here