Drinik malware risking SBI and other bank customers’ data


By MYBRANDBOOK



An upgraded version of the Drinik malware has been discovered that puts the data of customers of 18 banks at risk. According to analysts at Cyble, the malware has evolved into an Android trojan that can steal important personal details and banking credentials.

 

As per the report, the latest version of the Drinik malware comes in the form of an APK named iAssist. iAssist is the official tax management tool of India's Income Tax Department. Once installed on a device, the APK asks for permission to read, receive and send SMS, and to read the user's call log. It also requests permission to read and write to external storage.

 

After launching, the malware prompts the victim to grant permissions, followed by a request to enable Accessibility Service. It then disables Google Play Protect and starts executing auto-gestures and capturing key presses.
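The permission set and Accessibility Service request described above can be checked for during APK triage. The following is an added example, not code from Cyble's report or this article; it assumes the manifest has already been decoded to text XML, and the package and service names in the samples are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = "http://schemas.android.com/apk/res/android"
ANDROID = "{" + NS + "}"
# Permissions the article says the fake iAssist APK requests.
REPORTED = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.SEND_SMS",
    "android.permission.READ_CALL_LOG",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
}
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"

def triage_manifest(xml_text):
    """Report which of the article's permissions a decoded manifest requests
    and whether it declares an accessibility service."""
    root = ET.fromstring(xml_text)
    requested = {el.get(ANDROID + "name") for el in root.iter("uses-permission")}
    services = [svc.get(ANDROID + "name") for svc in root.iter("service")
                if svc.get(ANDROID + "permission") == A11Y_BIND]
    return {
        "package": root.get("package"),
        "matched": sorted(REPORTED & requested),
        "missing": sorted(REPORTED - requested),
        "accessibility_services": services,
        # Flag only the full combination; each item alone is common in benign apps.
        "flag": REPORTED <= requested and bool(services),
    }

def build_sample(package, perms, a11y):
    """Build a constructed manifest (hypothetical package and service names)."""
    uses = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    svc = (f'<service android:name=".Svc" android:permission="{A11Y_BIND}"/>'
           if a11y else "")
    return (f'<manifest xmlns:android="{NS}" package="{package}">'
            f'{uses}<application>{svc}</application></manifest>')

# Constructed samples, not taken from any real APK.
SUSPECT = build_sample("com.example.taxhelper", sorted(REPORTED), True)
BENIGN = build_sample("com.example.notes",
                      ["android.permission.READ_EXTERNAL_STORAGE"], False)

if __name__ == "__main__":
    for manifest in (SUSPECT, BENIGN):
        print(triage_manifest(manifest))
```

A match is a reason to inspect the app further, not proof that it is Drinik.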

 

Instead of displaying fake phishing pages, it then loads the genuine Indian income tax site. Before showing the login page to the victim, the malware displays an authentication screen for biometric verification. When the victim enters a PIN, the malware steals the biometric PIN by recording the screen and capturing keystrokes.

 

The stolen details are then sent to the C&C server. Once the victim logs into the account successfully, the malware shows a fake dialogue box claiming that the user is due an instant tax refund because of previous tax miscalculations to date. When the user clicks the Apply button, he/she is redirected to a phishing website that prompts for full name, Aadhaar number, PAN number and other details, along with account number, credit card number, CVV and PIN. The stolen data is again sent to the C&C servers.
