Connect with us

Trending

Beware! That IT Returns SMS Can Empty Your Bank Account: CERT-In Issues Advisory Against New Trojan That Hit 27 Banks

Published

on

Beware! That IT Returns SMS Can Empty Your Bank Account: CERT-In Issues Advisory Against New Trojan That Hit 27 Banks

NEW DELHI: A banking Trojan software has been discovered in Indian cyberspace that is waiting to attack bank customers using Android phones, according to an advice issued by the country’s official cyber security organisation – CERT-In.

The malware has already targeted users of over 27 public and private sector banks, according to the Indian Computer Emergency Response Team (CERT-In).

The phishing malware (a social engineering computer virus attack to steal personal data) is disguised as an “income tax refund,” and it has the potential to “effectively jeopardise the privacy of sensitive customer data and result in large-scale attacks and financial frauds,” according to the CERT-In.

“A new form of mobile banking campaign using Drinik Android malware has been spotted targeting Indian banks customers,” CERT-In said.

HOW THE MALWARE WORKS:

The victim receives an SMS containing a link to a phishing website (similar to the Income Tax Department’s website) where they are prompted to enter personal information and download and install the malicious APK file in order to complete the required verification, according to the agency.

If the user does not enter any information on the website, the Android application displays the same screen with the form, prompting the user to fill it out in order to advance.

Full name, PAN, Aadhaar number, address, date of birth, cellphone number, email address, and financial details such as account number, IFS code, CIF number, debit card number, expiration date, CVV, and PIN are among the fields that must be completed.

When the user inputs these details, the programme claims there is a refund amount that can be sent to the user’s bank account, but when the user enters the amount and clicks “transfer,” the application displays an error and a phoney update screen, according to the report.

Follow The420.in on TelegramFacebookTwitterLinkedInInstagramYouTube.

Continue Reading