Government Warns Banking Users of Android Malware That Pretends to Help Generate Income Tax Refunds

CERT-In suggested that the Drinik malware evolved recently as a banking Trojan targeting Indian customers.

Advertisement
By Jagmeet Singh | Updated: 23 September 2021 17:37 IST
Highlights
  • CERT-In has issued an advisory to warn users about the malware
  • Indian bank customers are targeted for sensitive and financial data
  • Attackers pretend to help users generate tax refunds through an app

Customers of more than 27 Indian banks may have been targeted using the malware

Photo Credit: Unsplash/ Denny Müller

The government has warned Android users in India about a malware called Drinik to steal sensitive information by promising to generate income tax refunds. Customers of more than 27 Indian banks have already been targeted with the malware, the Indian Computer Emergency Response Team (CERT-In) wrote in an advisory released online. The nodal agency that deals with cybersecurity threats says that the attackers target victims by sending them a link to a phishing website that looks similar to the Income Tax Department portal. It asks users to download a malicious app that installs the Drinik malware.

The Drinik malware was reportedly used as a primitive SMS stealer back in 2016. CERT-In, though, suggested that it evolved recently as a banking Trojan, targeting Indian customers.

As per the details provided in the advisory by the CERT-In, victims receive an SMS message containing a link to the phishing site. It asks for some personal information and then downloads the app. The malicious Android app acts like a genuine version of the solution created by the Income Tax Department to help generate tax refunds. It requires users to grant permissions to access SMS messages, call logs, and contacts and shows a refund application form that asks for details including full name, PAN, Aadhaar number, address, and date of birth, according to the advisory.

Advertisement

In addition to personal details, the CERT-In says that the app asks for financial details such as account number, IFSC code, CIF number, and even debit card number, expiry date, CVV, and PIN.

The attackers claim that these details will be used to help generate tax refunds sent directly to the account of the user. However, in reality, the agency notes that once the user taps the ‘Transfer' button on the app, it shows an error and brings a fake update screen. This helps the attacker to run Trojan in the background that shares user details including their SMS messages and call logs.

By using the silently obtained details, the attackers are able to generate a bank-specific mobile banking screen to convince the user to enter their mobile banking credentials. These are later used for conducting financial frauds, the CERT-In said.

Advertisement

The agency advises banking customers to download apps directly from official app stores including Google Play. Users are also recommended to review the app details, number of downloads, user reviews, and comments before downloading an unknown app even from an official source. Additionally, the government body recommends users to not browse untrusted sites or follow untrusted links.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

Catch the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2026 hub.

Further reading: Drinik malware, Indian banking, Banking app, Income Tax Department, CERT In, Indian Computer Emergency Response Team
Realme Dizo Buds Z True Wireless Earbuds Launched in India at Rs. 1,999
Advertisement
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Here's When the Realme P4 Power 5G Will Launch in India
  2. JioHotstar Announces Monthly Subscription Plans Across All Tiers
  3. OnePlus 16 May Launch With These Display, Battery and Camera Upgrades
  4. iQOO 15R Will Be Launched in India Soon, Company Confirms
  5. Vivo X200T With Zeiss Cameras to Launch in India on This Date
  6. Google Pixel 10a Leak Suggests No Price Hike Over Pixel 9a
  7. Samsung Galaxy A57 Spotted on Certification Site With These Key Features
  8. Amazon's New Echo Show 11 Debuts in India With These Features
  9. Amazon Great Republic Day Sale: Best Deals on Printers Under Rs. 10,000
  10. Honor Magic 8 Pro Air, Magic 8 RSR Porsche Design Launched At These Prices
#Latest Stories
  1. Tere Ishk Main OTT Release Date Confirmed: Know When and Where to Watch Dhanush Starrer Film Online
  2. Conflict OTT Release Date Revealed: Know When and Where to Watch it Online?
  3. Nearly All Indian Creators Believe Generative AI Is Powering Their Growth: Adobe Survey
  4. Vivo X200T India Launch Date Announced; Will Feature Dimensity 9400+ SoC, 50-Megapixel Zeiss Cameras
  5. Samsung's Leaked OneUI 8.5 Beta 4 Changelog Hints at Imminent Rollout With Upgraded Bixby, Bug Fixes
  6. Samsung Galaxy A57 TENAA Listing Reveals Key Specifications Ahead of Anticipated Launch
  7. iQOO 15R, iQOO Z11x 5G Listed on Malaysian Certification Website Ahead of Imminent Global Launch
  8. Marathon Releases March 5 Across Steam, PS5, Xbox Series S/X; Pre-Orders Now Live
  9. Realme P4 Power 5G India Launch Date Announced; 10,001mAh Battery Confirmed
  10. OpenAI Will Reportedly Unveil Its First AI Device Later This Year
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.