Drinik Android malware steals CVV, PIN, key info, here are some tips to protect your devices

According to reports, a new variant of the Drinik Android virus has been discovered and can steal some of your important financial information. The Drinik virus has been in the limelight since 2016. Earlier, the Indian government issued a warning to Android users about this spyware that steals personal information under the guise of preparing income tax returns.

Cyble discovered a new, more sophisticated variant of the same virus that directly targeted consumers in India and customers of 18 different banks there. Currently, only SBI customers are considered potential targets due to the relationship between Drinik and that bank.

New Drinik Android Banking Trojan Discovered
The upgraded Drinik virus sends an SMS containing an APK file to victims. iAssist mimics the tax administration application of the Income Tax Department of India. Once installed, the app requires permissions for various operations. Receive, read and send SMS, read the call log and read and write to external memory.

The program then seeks access to the accessibility service to disable Google Play Protect. After a user gives permission, the app can perform some operations without notifying the user. The program can record screen and keystrokes.

When the software gets the rights and features it wants, it accesses a legitimate Indian income tax website using WebView instead of a phishing page. The site is legitimate, but the program records users’ screens and logs their passwords.

Also READ: Got the iPhone iOS 16.1 update for your Apple device? Make sure your Wi-Fi is working

Drinik and other Android viruses: How to avoid

• Do not install software recommended by SMS or from an unknown website. Apps can be found on Google Play Store and Apple App Store.
• Never allow an unidentified app to access your text messages or call history. In fact, several programs can work fine without this permission. Users should be careful.
• You should always double-check information received via link, SMS or email regarding your banking by going directly to the institution’s official website and never trust information received from any other source.
• Since the latest version of Drinik uses the accessibility service, Android users should deny access to this service.