An advanced version of Drinik malware is detected by the authorities. This android virus is targeting various banks’ customers by sending a link and an apk file with it. The Cyble Research and Intelligence Labs (CRIL) has submitted its report on this matter and disclosed this evolved malware, which can mimic the Income Tax Department’s management tool to trick people into clicking on the link sent via SMS and downloading the apk file through it.
New Version Of Drinik Malware Targeting 18 Indian Banks
Once people are tricked into downloading and installing the app, it asks for certain permissions to breach your android security just like other applications ask for your permission to access call records or media files. After this, the malware can read your messages, call logs, and read or write external storage. While accessing your SMSs it can read your sensitive information like OTPs, messages from banks, and others.
It does not stop there, to fulfill its purpose the malware will also ask your permission to access the accessibility settings to disable Google Play Protect, which is another layer of security for android devices. And once you grant that permission to this Drink Malware, it can perform many tasks without even you knowing about it. As per the reports, this android virus can use “navigation gestures, record screen, and capture key presses.”
Here’s The Surprising Part
Once all the permissions are granted including the accessibility option, this malware then opens the original site of Income Tax using the web view service, instead of opening a fake page. Which was done earlier by an inferior version of Drink Malware, and was also recognizable very easily. Finally, when you will log in with your credentials then with the screen recording feature and keylogging it will get them.
Moreover, it will record your data, again and again, to get accurate details if you fail to log in with your credentials the first time. After all this, the real phase starts when this app, after the login, shows a dialog box saying you are eligible for a refund of ₹57,100, due to the miscalculations done during the taxation process. And many people without knowing it’s a fraud just tap on the Apply button, and this time they are redirected to a phishing page or fake webpage of Income tax. Then they are asked to enter their sensitive information like account number, credit card number, CVV, card PIN, and the rest you know.
After assessing these facts we have concluded that this Malware is getting more and more advanced and are capable of completely hijacking a device they intrude. They can reject your income calls and can avoid the antivirus products that you have installed for safety. So, users will have to be more and more careful while performing any financial activity online.
Also read:
Read WhatsApp Messages Unannounced with this Simple Trick
Here Are a Few Tips To Prevent Yourself from Being A Victim Of These Financial Fraud Committing malware:
Very first point is that you should completely bar yourself from downloading applications other than the official Play Store. Only trust Google Play Store or Apple App Store like authentic platforms. And even stop downloading unknown apps from the Play Store, only download famous apps or read about them before you have to download them.
If you are using any type of unknown application then stop granting them permissions for everything they ask. Especially the requests related to call logs or messages.
Double-check the links before clicking them, as all the links have a few hints about the site which they are going to redirect you. So read the URL to get some hints. You can also try opening the link first on any spare phone or on any device on which you do not perform banking operations, and do not even have UPI apps.
Don’t grant accessibility service permissions so casually to every other app on your device as many malwares like Drinik Malware depend on it.
