Drinik Android malware steals CVV, PIN, key information, here are some tips for safeguarding your devices

A new variant of Drinik Android banking virus may steal your crucial bank credentials by employing screen recording and keylogging.


DNA Web Team

Updated: Oct 29, 2022, 07:59 AM IST

Edited by


According to reports, a new variant of the Drinik Android virus has been found, and it may steal some of your crucial financial information. The Drinik virus has been in the spotlight since 2016. Prior to this, the Indian government issued a warning to Android users about this spyware, which steals personal information under the guise of producing income tax returns. 

Cyble has discovered a new, more sophisticated variant of the same virus that is aimed squarely at users in India and customers of 18 different banks there. At the moment, only SBI customers are considered potential targets because of the association between Drinik and that bank.

Detection of new Drinik Android banking trojan
Upgraded Drinik virus sends an SMS containing an APK file to victims. iAssist imitates India's Income Tax Department's tax administration application. Once installed, the app requires permissions for various operations. Receive, read, and send SMS, read call log, and read and write to external storage.

The programme then seeks access to the Accessibility Service to deactivate Google Play Protect. Once a user authorises permission, the app may execute some operations without notifying them. The programme may record screen and key presses.

When the software receives the rights and features it wants, it accesses a legitimate Indian income tax website using WebView, rather than a phishing page. The site is legitimate, but the programme records users' screens and logs their passwords.

Also, READ: Got the iPhone iOS 16.1 update for your Apple device? Make sure your Wi-Fi is working

Drinik and other Android viruses: How to avoid

  • Don't install software recommended by an SMS message or from an unfamiliar website. Apps may be found in the Google Play Store and the Apple App Store.
  • Never let an unidentified app access to your text messages or call history. In reality, several programmes can work well without this permission. Users should use caution.
  • You should always double-check information received through a link, SMS, or email in regards to your banking by going directly to the institution's official website and never trusting information received from any other source.
  • Since the latest Drinik version uses the Accessibility Service, Android users should deny access to that service.
Find your daily dose of news & explainers in your WhatsApp. Stay updated, Stay informed-  Follow DNA on WhatsApp.

Live tv