Government Warns Banking Users of Android Malware That Pretends to Help Generate Income Tax Refunds

CERT-In suggested that the Drinik malware evolved recently as a banking Trojan targeting Indian customers.

Advertisement
By Jagmeet Singh | Updated: 23 September 2021 17:37 IST
Highlights
  • CERT-In has issued an advisory to warn users about the malware
  • Indian bank customers are targeted for sensitive and financial data
  • Attackers pretend to help users generate tax refunds through an app

Customers of more than 27 Indian banks may have been targeted using the malware

Photo Credit: Unsplash/ Denny Müller

The government has warned Android users in India about a malware called Drinik to steal sensitive information by promising to generate income tax refunds. Customers of more than 27 Indian banks have already been targeted with the malware, the Indian Computer Emergency Response Team (CERT-In) wrote in an advisory released online. The nodal agency that deals with cybersecurity threats says that the attackers target victims by sending them a link to a phishing website that looks similar to the Income Tax Department portal. It asks users to download a malicious app that installs the Drinik malware.

The Drinik malware was reportedly used as a primitive SMS stealer back in 2016. CERT-In, though, suggested that it evolved recently as a banking Trojan, targeting Indian customers.

As per the details provided in the advisory by the CERT-In, victims receive an SMS message containing a link to the phishing site. It asks for some personal information and then downloads the app. The malicious Android app acts like a genuine version of the solution created by the Income Tax Department to help generate tax refunds. It requires users to grant permissions to access SMS messages, call logs, and contacts and shows a refund application form that asks for details including full name, PAN, Aadhaar number, address, and date of birth, according to the advisory.

Advertisement

In addition to personal details, the CERT-In says that the app asks for financial details such as account number, IFSC code, CIF number, and even debit card number, expiry date, CVV, and PIN.

The attackers claim that these details will be used to help generate tax refunds sent directly to the account of the user. However, in reality, the agency notes that once the user taps the ‘Transfer' button on the app, it shows an error and brings a fake update screen. This helps the attacker to run Trojan in the background that shares user details including their SMS messages and call logs.

By using the silently obtained details, the attackers are able to generate a bank-specific mobile banking screen to convince the user to enter their mobile banking credentials. These are later used for conducting financial frauds, the CERT-In said.

Advertisement

The agency advises banking customers to download apps directly from official app stores including Google Play. Users are also recommended to review the app details, number of downloads, user reviews, and comments before downloading an unknown app even from an official source. Additionally, the government body recommends users to not browse untrusted sites or follow untrusted links.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.

Further reading: Drinik malware, Indian banking, Banking app, Income Tax Department, CERT In, Indian Computer Emergency Response Team
Realme Dizo Buds Z True Wireless Earbuds Launched in India at Rs. 1,999
Advertisement
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. JioHotstar Announces Monthly Subscription Plans Across All Tiers
  2. Here's How Much the Realme P4 Power Could Cost in India
  3. Sirai OTT Release: When, Where to Watch the Tamil Courtroom Drama Online
  4. Infinix Note Edge Debuts With MediaTek Dimensity 7100 , 6,500mAh Battery
  5. Lava Blaze Duo 3 With a 1.6-Inch Rear Display Launched in India: See Price
  6. Samsung Galaxy S26 Ultra Colourways Spotted in Leaked SIM Tray Images
  7. Google Might Be Adding More Layers to Stop Users From Sideloading Apps
  8. Amazon Great Republic Day Sale: Top Laptop Deals Under Rs. 55,000
  9. Apple Could Bring LTPO+ Panel, Under-Display Face ID Tech to iPhone 18
  10. Top Deals on Air Conditioners During Amazon Great Republic Day Sale
#Latest Stories
  1. Asus Reportedly Halts Smartphone Launches ‘Temporarily’ to Focus on AI Robots, Smart Glasses
  2. JioHotstar Announces Monthly Subscription Plans Across Mobile, Super, and Premium Tiers
  3. New Solid-State Freezer Could Replace Climate-Harming Refrigerants
  4. Google Is Reportedly Adding More Verification Layers in Play Store to Curb Sideloading Apps
  5. Realme Buds Clip Price in India Leaked Ahead of Anticipated Launch
  6. Champion OTT Release Date: When and Where to Watch This Telugu Movie Online?
  7. Tu Meri Main Tera Main Tera Tu Meri OTT Release Reportedly Revealed Online
  8. iPhone 18 Series to Feature LTPO+ Display Panel With Under-Display IR Sensor for Face ID: Report
  9. Infinix Note Edge Launched With 6,500mAh Battery, MediaTek Dimensity 7100 SoC
  10. Bitcoin Enters Consolidation Phase as Crypto Investors Turn Cautious
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.