Return of Drinik Malware - The Biggest Android Phone Virus - 18 Indian Banks Affected - Full Report
Drinik Android malware has now been identified as a new banking trojan that targets users of 18 Indian banks. It uses keylogging and screen recording functionality to steal important bank details. Developed in 2016, Drinik originally targeted users of SMS services and has now been re-branded as a banking trojan.
The Drinik Android trojan has been spreading in India since 2016. It started out as an SMS stealer, but in September of this year it added banking trojan functionality. It also performs screen recording and keylogging, and it exploits the Accessibility service to perform overlay attacks.
The Drinik Android malware tricks users into installing it through SMS messages that contain an APK file. The APK file is crafted to look like an official tax management tool from the Income Tax department of India. Once installed on the infected device, the malware asks for various permissions. For example, it requests permission to read the call log, SMS messages, internal storage content, and the user's contacts.
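For triage of a suspect APK, the permission set and Accessibility service use described above can be checked against the app's decoded AndroidManifest.xml. The following is an added example, not code from the original report: the mapping of the article's wording to specific android.permission constants is an assumption, the sample manifests and package names are constructed, and the manifest is assumed to be already decoded to text XML.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android: attributes
# Manifest constants assumed to correspond to the permissions the article lists.
REPORTED = {"android.permission.READ_CALL_LOG", "android.permission.READ_SMS",
            "android.permission.READ_EXTERNAL_STORAGE", "android.permission.READ_CONTACTS"}
BIND_A11Y = "android.permission.BIND_ACCESSIBILITY_SERVICE"
A11Y_ACTION = "android.accessibilityservice.AccessibilityService"

def triage_manifest(manifest_xml):
    """Report which of the listed permissions a decoded manifest requests and
    whether it declares an Accessibility service; flag when both are present."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(A + "name") for e in root.iter("uses-permission")}
    matched = sorted(REPORTED & requested)
    a11y_services = []
    for svc in root.iter("service"):
        actions = {a.get(A + "name") for a in svc.iter("action")}
        # An Accessibility service needs both the bind permission and this action.
        if svc.get(A + "permission") == BIND_A11Y and A11Y_ACTION in actions:
            a11y_services.append(svc.get(A + "name"))
    return {"package": root.get("package"),
            "matched_permissions": matched,
            "accessibility_services": a11y_services,
            "flag": len(matched) == len(REPORTED) and bool(a11y_services)}

def build_sample(package, permissions, a11y_service=None):
    """Construct a sample decoded manifest (test data, not taken from a real app)."""
    perms = "".join('<uses-permission android:name="%s"/>' % p for p in permissions)
    svc = ""
    if a11y_service:
        svc = ('<service android:name="%s" android:permission="%s"><intent-filter>'
               '<action android:name="%s"/></intent-filter></service>'
               % (a11y_service, BIND_A11Y, A11Y_ACTION))
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="%s">%s<application>%s</application></manifest>'
            % (package, perms, svc))

# Constructed samples: a fake "tax tool" matching the described profile, and a chat app.
SUSPICIOUS = build_sample("com.example.taxtool", sorted(REPORTED), ".HelperService")
BENIGN = build_sample("com.example.chat", ["android.permission.READ_SMS",
                                           "android.permission.READ_CONTACTS"])

if __name__ == "__main__":
    for sample in (SUSPICIOUS, BENIGN):
        print(triage_manifest(sample))
```

A flag here is a reason to look closer, not a verdict: legitimate apps can request the same permissions, so the result should be weighed together with how the APK arrived on the device.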
The Drinik Android malware now targets users of State Bank of India and 18 Indian financial institutions. The malware is designed to steal login credentials from the bank applications and send the information to the malware's C&C server. Once the C&C server receives the stolen information, it is then used to perform fraudulent transactions. The malware then shows a confirmation page that displays the entered details. It also prompts the user to verify the entered details with their net banking credentials.
As the Drinik Android malware continues to spread, security experts are warning users to be aware of their personal information when using their Android smartphones. They recommend that Android phone owners not download side-loaded apps and not share their personal details with unknown applications. Users should also enable two-factor authentication, or biometric authentication, on their devices.