Income tax

Beware of the Fake Income Tax Department! CE malware attacks taxpayers; Know the tricks to avoid losses

The Drinik malware is back and is now attacking taxpayers. Know how to protect your data.

This is an important alert for all taxpayers. A malware nicknamed Drinik is back. Recently, Cyble Research & Intelligence Labs (CRIL) identified an enhanced version of Drinik impersonating India’s income tax department and targeting 18 banks, including the National Bank of India (SBI), according to a Syble blog. It can be known that the Drinik malware targeted the banking since 2016. Previously, the malware operated as an SMS stealer, but now it has evolved into a android Trojan. After the evolution, the malware can now perform screen recording to collect credentials, keylogging, abuse call screening service to manage incoming calls and receiving commands via Firebase. Cloud Messaging.

According to information provided by Cyblemalware variant communicates with Command & Control (C&C) server hxxp://gia[.], which is hosted on IP 198[.]12.107[.]13. In addition, the third and latest version supports the authentic income tax department site and uses screen recording with a keylogging feature to steal login credentials. Additionally, the latest version of the Drinik malware comes in the form of an APK named iAssist.

It can be known that the iAssist is the official tax management tool of the Indian tax department. Once installed on a device, the APK file will request permission to read, receive, and send SMS messages in addition to reading the user’s call log. It also asks for permission to read and write to external storage. Initially, it will lead you to Indian Income Tax official website and show fake dialog box to steal users account details. The malware then tries to trick the user into showing an instant tax refund and eventually leads them to the phishing site.

However, what should now be noted is that malware and techniques for tricking people have evolved at a rapid pace. Therefore, it is very important for users to take precautionary measures. Here are some of the tips you can use to stay safe:

Tips to protect your data from malware

Step 1:

Do not click on any link that you believe is questionable or false.

2nd step:

Never forget to download and install software only from official app stores like Play Store or iOS App Store. Also check the authenticity of software before downloading it.

Step 3:

You should never share your personal information or banking credentials such as card details, CVV number, PIN, among others, with anyone.

Step 4:

Keep strict security features on your phone like fingerprint lock or face recognition. Also use strong passwords and enforce multi-factor authentication where possible.

Step 5:

Avoid allowing multiple apps to access data on your device.