The Indian Computer Emergency Response Team (CERT-In) issued an advisory stating that Drinik Android malware which was masquerading as a portal for Income Tax refund, was targeting Indian online banking users. It has been observed that Indian banking customers are being targeted by a new type of mobile banking campaign using Drinik android malware. Drinik started as a primitive SMS stealer back in year 2016 and has evolved recently to a banking trojan that demonstrates phishing screen and persuades users to enter sensitive banking information. Customers of more than 27 Indian banks including major public and private sector banks have already been targeted by the attackers using this malware — Indian Computer Emergency Response Team There has been a spurt in cyber attacks in India, including alleged attacks perpetrated by Chinese state actors. As of today, India still does not have a data protection law and the National Cyber Security Strategy which has been in the pipeline since 2019, has still not been finalised. The proposed strategy will have a clause for claiming cyber insurance, which could help victims of cyber attacks. How does the malware work? According to CERT-In — First, the victim receives an SMS containing a link to a phishing website (similar to the website of Income Tax Department, Govt. of India) The person is asked to enter personal information and download and install the malicious APK file in order to complete verification. Data asked includes: PAN Aadhaar number Address Date of birth Mobile number Email address Bank…
