With the increasing technology around the world, the risk of cyber attacks is also increasing. In such a situation, once again Android users are under threat of virus. According to the advice of CERT-IN, Indian users are being targeted by Drinik malware. This malware is being spread as income tax refund. It is a breaking Trojan which is also capable of doing screen phishing.
Talking about the Drinik malware, CERT-IN said that it sends an SMS to the victim with a link to a phishing website. Where to register personal information. After registering personal information, you are asked to download and install an APK file. This malware-affected app looks exactly like the Income Tax Department’s app.
Once the malware is installed, the app asks users to provide necessary permissions like SMS, call log, contacts, etc. If the user does not enter any information on the website, the same screen appears with the form in the Android app. Users are asked to fill it.
When users enter their personal details, the app informs them that their income tax amount will be refunded which is asked to be transferred to their bank account. The application shows an error when users enter the amount and click transfer. It then shows a fake update screen. After seeing a screen to install these updates, the Trojan sends user details, including SMS and call logs, to Baker’s machine in the backend. According to CERT-IN, these details are used by hackers to create bank specific mobile banking machines and show them on users’ devices. The users are then asked to register the mobile banking credentials and it is stolen by the hackers.