According to reports, a new variant of the Drinik Android virus has been found, and it may steal some of your crucial financial information. The Drinik virus has been in the spotlight since 2016. Prior to this, the Indian government issued a warning to Android users about this spyware, which steals personal information under the guise of producing income tax returns.
Cyble has discovered a new, more sophisticated variant of the same virus that is aimed squarely at users in India and customers of 18 different banks there. At the moment, only SBI customers are considered potential targets because of the association between Drinik and that bank.
Detection of new Drinik Android banking trojan
The upgraded Drinik virus sends an SMS containing an APK file to victims. The app, iAssist, mimics the tax administration application of India's Income Tax Department. Once installed, it requests permissions to receive, read, and send SMS, read the call log, and read and write to external storage.
The app then asks for access to the Accessibility Service so that it can deactivate Google Play Protect. Once a user grants that permission, the app may carry out some operations without notifying them. It may also record the screen and key presses.
Once it has the permissions and features it wants, the app loads the legitimate Indian income tax website in a WebView rather than a phishing page. The site is genuine, but the app records the user's screen and logs their passwords.
Drinik and other Android viruses: How to avoid
- Don't install software recommended by an SMS message or offered on an unfamiliar website. Apps can be found in the Google Play Store and the Apple App Store.
- Never give an unidentified app access to your text messages or call history. Many apps work well without this permission, so be cautious when one asks for it.
- Always double-check banking information received through a link, SMS, or email by going directly to the institution's official website, and never trust information received from any other source.
- Since the latest Drinik version uses the Accessibility Service, Android users should deny access to that service.
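The permission set described above and the advice in this list can be turned into a quick triage check. The following is an added example, not code from Cyble or the article: it reads a decoded `AndroidManifest.xml` (assumed to have been extracted as text, for instance with apktool) and flags an app that requests SMS or call-log access and also declares an accessibility service. The permission-name mapping, package name and service name are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Android permission names for the capabilities the article lists
# (this mapping is the example's assumption, not taken from the report).
SMS_CALL_LOG = {"android.permission." + p for p in
                ("RECEIVE_SMS", "READ_SMS", "SEND_SMS", "READ_CALL_LOG")}
STORAGE = {"android.permission." + p for p in
           ("READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE")}
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"

# Constructed sample manifest; package and service names are hypothetical.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.taxhelper">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".ScreenHelper"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""


def triage_manifest(manifest_xml):
    """Report which of the article's risky capabilities a manifest asks for."""
    root = ET.fromstring(manifest_xml)
    requested = {el.get(ANDROID + "name") for el in root.iter()
                 if el.tag in ("uses-permission", "uses-permission-sdk-23")}
    # An accessibility service is a <service> guarded by BIND_ACCESSIBILITY_SERVICE.
    a11y = [svc.get(ANDROID + "name") for svc in root.iter("service")
            if svc.get(ANDROID + "permission") == A11Y_BIND]
    sms = sorted(requested & SMS_CALL_LOG)
    return {
        "package": root.get("package"),
        "sms_call_log": sms,
        "storage": sorted(requested & STORAGE),
        "accessibility_services": a11y,
        # Flag only the combination the article describes: SMS or call-log
        # access requested by an app that also ships an accessibility service.
        "suspicious": bool(sms) and bool(a11y),
    }


if __name__ == "__main__":
    for key, value in triage_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

A match is a reason to look closer, not a verdict: legitimate accessibility tools and SMS apps exist, which is why the check only flags the two capabilities appearing together.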