Home / Tech / News / This Android malware steals mobile banking data; Here’s how to stay safe

This Android malware steals mobile banking data; Here’s how to stay safe

The Drinik malware was earlier used to steal SMS data from mobile phone but cybercriminals have modified it for the modern times.
The Drinik malware was earlier used to steal SMS data from mobile phone but cybercriminals have modified it for the modern times. (Getty Images)

The Drinik malware is aping an Income Tax app, fooling users to give in all their mobile banking details and other crucial data. Here’s how to stay safe from it.

There is a new malware in town wreaking havoc among Android smartphone users. It is called Drinik and is cleverly stealing crucial data and banking credentials from a smartphone user. The Indian Computer Emergency Response Team (CERT-In) has issued a warning to several banks for the same. The malware has so far attacked customers of 27 public and private sector banks in the country.

The Drinik malware is currently aping an Income Tax department app, and once it fools a user to download it, it cleverly collects all the sensitive information. Not only that, the malware even goes on force the user to make a transaction, following which it crashes and shows a fake message. Meanwhile, it collects all the necessary data from the user.

Drinik Android malware steals banking data

CERT-In has explained in detail how this malware preys on its victim. The process starts by sending the victim an email or SMS with a link to the phishing address. The email or SMS imitates an official government site (in this case, the Income Tax department) in a bid to lure the victim.

The link gives way to an app and once the user installs it on their device, the app asks access to all the basic device permissions such as call logs, SMS history, contacts, photos and media, and more. Then there’s a form within the app that asks for the full name, PAN, Aadhaar number, address, date of birth (DoB), mobile number, and email id.

The next step then involves asking for all the sensitive banking information such as account number, IFSC code, CIF number, debit card number, expiry date, CVV, and PIN. Once this information is typed in, the app asks the user to make a transaction as a refund amount. As soon as the transaction is made, the app shows an error with a fake update page.

All this while, the malware has collected all the crucial and sensitive financial data of the victim and send it to the cybercriminal.

How to avoid it

Although the CERT-In team has given some technical aspects to check into, the simplest way of avoiding the incident is to not visit suspicious links from SMS messages and emails. One should never download apps or open sites from suspicious messages or emails.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.