Upgraded Drinic malware puts 18 bank customers' data at risk
• The Drinic malware has evolved from an SMS stealer into an Android banking Trojan. Analysts at Cyble say the upgraded Drinic malware puts 18 bank customers' data at risk.
Drinik malware is back. First reported in September 2016, banking malware is now capable of screen recording, keylogging, abusing accessibility services, and performing overlay actions. The malware has evolved from an SMS stealer to an Android banking Trojan. Analysts at Cyble say the upgraded Drinik malware puts 18 bank customers' data at risk.
According to analysts, the Drinik Banking Trojan malware comes in the form of an APK named iAssist. For those unaware, iAssist is the official tax management tool of India Tax Department. Once installed on the device, the APK file asks for permission to read, receive and send SMS besides reading the call log of the user. It also requests permission to read and write external storage. The APK will initially take users to the real Indian Income Tax site and display a fake dialog box to steal users' account details. The malware lures the victim to an instant tax refund and eventually leads her to a phishing site.
While malware and techniques used by threat actors continue to evolve, there are some precautionary practices one can adopt to avoid falling prey to them. Here are some tips that will help you keep your banking data secure:
- Download and install software only from official app stores like Play Store or iOS App Store.
- Never share your card details, CVV number, card PIN and net banking credentials with any untrusted source.
- Enable biometric security features such as fingerprint or facial recognition to unlock the mobile device to avoid unauthorized access obtained using malicious activities such as keylogging and screen recording.
It is recommended to use a reputable antivirus and internet security software package on connected devices including PCs, laptops and mobiles.
- Use strong passwords and implement multi-factor authentication wherever possible.
- Be careful not to open any link received via SMS or email sent to your phone.
- Make sure Google Play Protect is enabled on Android devices.
- Be careful when enabling any permissions.
- Keep your device, operating system and applications up to date.
