Beware of fake Income-Tax Dept! THIS malware attacking taxpayers; Know tips to avoid loss

The Drinik malware has returned and is now attacking income tax payers. Know how to keep your data safe.

By: HT TECH
| Updated on: Oct 30 2022, 17:28 IST

In Pics: Know 5 ways to stay safe online on Google Chrome

Hackers — 1/5 Keep strong password: Using a password manager (even if it’s not Google’s) will help you store and use a strong, unique password for each site you log into. Google Password Manager can suggest and save a strong, unique password of gobbledygook (like KZamPPzj43T9mQM). Then, Chrome will autofill the password next time you need it — on any device. Chrome should suggest a new strong password when creating a new account, or you can always right click in the password field and click “Suggest Password.” (Pixabay)

Here is an important alert for all the taxpayers. A malware dubbed Drinik has returned. Recently, Cyble Research & Intelligence Labs (CRIL) has identified an upgraded version of Drinik impersonating the Income-Tax Department of India and targeting 18 banks including the State Bank of India (SBI), according to a blog by Syble. It can be known that the Drinik malware has been targetting the banking industry since 2016. Earlier, the malware used to operate as an SMS stealer but it has now evolved into an Android trojan. After the evolution, the malware can now do screen recording to harvest credentials, keylogging, abusing call screening service to manage incoming calls, and receiving commands via Firebase Cloud Messaging.

According to the information provided by Cyble, the malware variant is communicating with Command & Control (C&C) server hxxp://gia[.]3utilities.com, which is hosted on IP 198[.]12.107[.]13. Also, the third and latest version loads the genuine income tax department site and uses screen recording along with a keylogging functionality to steal the login credentials. Also, the latest version of Drinik malware comes in the form of an APK named iAssist.

It can be known that the iAssist is the official tax management tool of the India Tax department. Once it gets installed on a device, the APK file will ask for permission to read, receive and send SMS in addition to reading the user's call log. It also requests permission to read and write to external storage. Initially, it will take you to the official Indian income tax site and display a fake dialogue box to steal users' account details. The malware then tries to trap the user by showing an instant tax refund and eventually takes him to the phishing site.

However, now what needs to be noted is that, the malware and the techniques to fool people have been evolving at a rapid rate. Therefore, it is very important for the users to take precautionary steps. Here are some of the tips you can use to stay safe:

Tips to keep your data safe from malware

Step 1:

Do not click on any link which you feel is doubtful or fake.

Step 2:

Always remember to download and install software only from official app stores like Play Store or the iOS App Store. Also, check the authenticity of the software before downloading them.

Step 3:

You should never share your personal details or banking credentials like card details, CVV number, PIN, among others with anyone.

Step 4:

Keep strict security features on your phone like fingerprint lock or facial recognition. Also use strong passwords and enforce multi-factor authentication wherever possible.

Step 5:

Avoid giving permissions to several apps to access data on your device.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.