Cyber hackers try all kinds of new methods to reach valuable information or they change old methods and organize attacks again. India ‘on Android phones target areas were discovered new banking trojan.
The Indian Cyber Security Agency said in a statement that the malware has targeted more than 27 public and private banks. The cybersecurity agency warned users to be careful.
Cyber security agency officials announced in a statement that the trojan, or trojan horse, as it is known, masks itself as an income tax refund and tries to deceive users in this way.
It is emphasized that the malware in question can endanger sensitive user data, cause large-scale attacks and financial fraud.
Experts state that the malware called Drink was first detected in 2016 and was used primarily for SMS theft, but has recently turned into a trojan horse.
At first, the victim receives an SMS with a tax refund lie. This SMS redirects the user to a site similar to the tax office, but fake. On the site, the user is asked to enter his personal information and download and install the tax office application, where the malware is hidden.
The fake application, which appears to be the official application of the tax office, asks the user for permission to access parts such as SMS, call logs, contacts, etc. after it is installed on the phone Security experts said, “Even if the user does not enter the necessary information on the fake site, after installing the application, he is still faced with a menu to enter the information.
” The requested information includes very sensitive information such as name, surname, address, date of birth, mobile phone number, account number, bank card number, expiration date of the card, CVV and PIN numbers.v After entering the victim information, a warning appears in the application that there will be a tax refund and a refund will be made.
When the user clicks the button to make the payment to the bank account, a warning appears that there was an error during the transfer and a fake update is displayed on the screen. Showing this update screen, the Drinik trojan transmits all the information it obtains to the hacker.
Security researchers explained that to avoid such attacks, apps should always be downloaded from the official store and have the latest updates.
Experts also explained that the Drinik trojan attack could be experienced outside of India , and said, “Drinik trojan is one of the malware detected. It is currently targeting users in India. However, similar attacks with Drinik or different trojans may also occur in other countries.
We advise users to be careful. We do,” he continued.