Blogs

17 Apr, 23

Franchise System for The Cleanables

[vc_row][vc_column][vc_column_text] YISolutions, an Managed IT Services & Cyber Security Solution company based in Karachi, Pakistan, is proud to announce that The Cleanables has selected YISolutions services. This is the First Time, our Website Designing & Application Development Services Selected by the Cleanables – one the top brand in US. https://franchise.thecleanables.com/   Services provided to The Cleanables;   Website Designing Franchise Distribution App   The Cleanables has made a successful mark on the cleaning industry by providing professional, transparent steam cleaning services to communities in Fairfax, Virginia, and we are ready to expand nationwide with people like YOU on our team!   YISolutions is a key player in IT Consultancy, Cyber Security and  Managed IT Services. YISolutions was established in 2002-2003 and our Pakistan Registered Office is located in Karachi at DHA. And our Principle Registered office is located in the US at Herndon.   [/vc_column_text][vc_empty_space height=”12px”][vc_column_text] Overview: Franchise Business Management Application, is a cloud-based solution , which assists franchise-based businesses with Managing Operations, workflows, service fee invoicing and sales opportunities along with cross selling. Core Features; Franchise Management Job Scheduling Billing Management Sales Management Franchise Royalty Management Franchise Support Teams using Franchise Business Management Application can use the dashboard to review existing pipelines of activities, previous activities and recruitment tasks to gain insights into the performance of each prospect. [/vc_column_text][/vc_column][/vc_row][vc_row css=”.vc_custom_1664973389548{padding-top: 45px !important;padding-bottom: 40px !important;padding-left: 75px !important;}”][vc_column][vc_single_image image=”5258″ img_size=”large”][vc_custom_heading text=”Franchise System” font_container=”tag:h2|text_align:center|color:%23da2128″ use_theme_fonts=”yes”][vc_gallery images=”4855,4856,4865,4877,4878,4876″ img_size=”medium” css=”.vc_custom_1664974153102{padding-bottom: 45px !important;padding-left: 25px !important;}”][/vc_column][/vc_row]
Read more
30 Mar, 23

Our New Venture Protalent

[vc_row css=”.vc_custom_1680262675462{padding-bottom: px !important;background-color: rgba(255,255,255,0.01) !important;*background-color: rgb(255,255,255) !important;}”][vc_column][vc_column_text]   Aim at empowering the youth to maximize their potential & Contribute to Pakistan’s IT Startup Ecosystem [/vc_column_text][vc_empty_space][vc_custom_heading text=”PRESENTING A REVOLUTIONARY PLATFORM” font_container=”tag:h2|text_align:center|color:%23da2128″ google_fonts=”font_family:Croissant%20One%3Aregular|font_style:400%20regular%3A400%3Anormal”][/vc_column][vc_column][vc_row_inner][vc_column_inner][vc_column_text] An Innovative platform that is on a mission to Empower & Inspire; [/vc_column_text][/vc_column_inner][/vc_row_inner][vc_empty_space][vc_custom_heading text=”Collaboration with Aptech Learning Institute” font_container=”tag:h2|text_align:center|color:%23da2128″ use_theme_fonts=”yes”][/vc_column][/vc_row][vc_row full_width=”stretch_row” css=”.vc_custom_1680174644341{padding-top: 75px !important;padding-bottom: 75px !important;background-color: #e5e5e5 !important;}”][vc_column width=”1/2″][vc_single_image image=”5415″ img_size=”large” alignment=”center”][vc_column_text] It’s a platform for talented young individuals offering them support and resource as they embark on their careers. ProTalent seeks to support the most promising and ambitious individuals eager to excel in their fields, professionally. Are you ready to take control of your future?  Are you geared up to Unlock your true potential?   www. ProTalent.pk[/vc_column_text][/vc_column][vc_column width=”1/2″][vc_single_image image=”5209″ img_size=”large” alignment=”center”][vc_column_text] Aptech has presence in more than 40+ emerging countries through its two main streams of businesses – Individual training and Enterprise Business. APTECH came to Pakistan in 1998, when the concept of vocational education in I.T. was only up-to learning of MS Word and Spreadsheets. APTECH Computer Education gave exposure to Pakistani youth towards global learning in I.T. education. Our vision and mission is to empower PAKISTAN through technology. Under Individual Training, Aptech offers career and professional training through its Aptech Learning brand.[/vc_column_text][/vc_column][/vc_row][vc_row css=”.vc_custom_1680175020992{padding-top: 85px !important;padding-bottom: 05px !important;}”][vc_column][vc_empty_space][vc_custom_heading text=”This breakthrough is offering the budding talent an avenue to Express, Grow & Shine.” font_container=”tag:h2|text_align:center|color:%23da2128″ google_fonts=”font_family:Croissant%20One%3Aregular|font_style:400%20regular%3A400%3Anormal”][/vc_column][/vc_row][vc_row css=”.vc_custom_1680247837888{padding-top: 15px !important;}”][vc_column][vc_column_text] Some Glimpses of our Aptech Visits [/vc_column_text][/vc_column][/vc_row][vc_row css=”.vc_custom_1680247858706{padding-top: 45px !important;padding-bottom: 40px !important;}”][vc_column width=”1/3″][vc_single_image image=”5156″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column][vc_column width=”1/3″][vc_single_image image=”5159″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column][vc_column width=”1/3″][vc_single_image image=”5158″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column][/vc_row][vc_row css=”.vc_custom_1680247858706{padding-top: 45px !important;padding-bottom: 40px !important;}”][vc_column width=”1/3″][vc_single_image image=”5606″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column][vc_column width=”1/3″][vc_single_image image=”5605″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column][vc_column width=”1/3″][/vc_column][/vc_row][vc_row css=”.vc_custom_1680247858706{padding-top: 45px !important;padding-bottom: 40px !important;}”][vc_column][vc_row_inner][vc_column_inner][vc_text_separator title=”” i_icon_fontawesome=”fas fa-certificate” i_color=”custom” style=”dashed” border_width=”4″ add_icon=”true” i_custom_color=”#da2128″][/vc_column_inner][/vc_row_inner][vc_column_text] 8/MAY/2023 YS Consultants Visited Memon Institute (MITI) For Discussing ProTalent & it’s Vision Before Signing The Memorandum of Collaboration (MOC). [/vc_column_text][vc_empty_space][vc_column_text] Some Glimpses of our Memon Institute Visits [/vc_column_text][vc_empty_space][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”5506″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5505″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5504″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5503″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][/vc_row_inner][vc_empty_space][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”5501″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5500″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5499″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5521″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][/vc_row_inner][vc_empty_space][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”5496″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5497″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5514″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][vc_column_inner width=”1/4″][vc_single_image image=”5518″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”link_image”][/vc_column_inner][/vc_row_inner][vc_empty_space][vc_row_inner][vc_column_inner][vc_column_text][/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row css=”.vc_custom_1680245279145{padding-top: 15px !important;padding-bottom: 40px !important;}”][vc_column width=”1/3″][vc_message]Be there for More News & Updates[/vc_message][/vc_column][vc_column width=”1/3″][/vc_column][vc_column width=”1/3″][/vc_column][/vc_row]
Read more
24 Mar, 23

What Is Web Hosting – Web Hosting Explained for Beginners

Web hosts provide the hosting technology and resources required for the effective and secure operation of your website. They are responsible for keeping the server up and running, implementing security measures, and ensuring that data such as texts, photos, and other files are transferred successfully to the visitors’ browsers. In this article, you will learn what web hosting is, how it works, and what are the different types of web hosting available.   Video Guide on What Is Web Hosting What Is Web Hosting? How Does Web Hosting Work? Types of Web Hosting Services Shared Hosting Virtual Private Server (VPS) Hosting Cloud Hosting WordPress Hosting Dedicated Hosting How to Choose the Best Web Hosting Service Provider? Control Panel Web Host’s Uptime Technical Specifications Online Reviews Security 24/7 Customer Support Additional Services What’s the Difference Between Web Hosting and a Domain Name? What Is Web Hosting FAQ Is It Necessary to Buy Hosting? Can I Host My Website for Free? How Does Free Web Hosting Work? How Much Does It Cost to Host a Website? How Does Free Web Hosting Work? The server that hosts your website is a physical computer that runs continuously to make the site available for visitors all the time. Buying servers for web hosting will allow you to store all the data of your website in the those servers of your provider. Once a user enters your domain name into their browser’s address bar, the web host’s server will transfer all the files necessary to load your website. You can host a website yourself, but it requires extensive technical skills. Self-hosting entails setting up and configuring a web server from scratch, including the equipment, infrastructure, hardware, and software. Furthermore, you will also have to handle all the ongoing maintenance. A web hosting service provider ensures that your website performs optimally and with better security protocols. In addition, it simplifies the many complex aspects of hosting a website – from software installation to technical support. Types of Web Hosting Services With numerous web hosting options available, it can be challenging to determine which one is best for your website. Most web hosts offer different hosting packages for different types of customers – from business website owners to personal blog creators. Ideally, you should start with the simplest hosting solution. Once your site gets more traffic, you can upgrade to a more advanced plan. Feel free to check Hosting partner prices to get a general idea of the different types of hosting and their costs. Let’s take a look at some of the most popular ones available. Shared Hosting With shared hosting, multiple users share the same server resources, including memory, processing power, and storage space. Because of its simplicity and affordability, shared web hosting is an excellent solution for small businesses and personal websites that do not require advanced configuration or higher bandwidth. Hence, shared hosting is an excellent choice for beginners that need cheap hosting to start. Pros Cost-effective, ideal for small-scale websites Technical expertise is not required Pre-configured server options No need to take care of maintenance and server administration Cons Minimal access to server configuration Increased traffic on other websites can affect your website’s speed Virtual Private Server (VPS) Hosting With this web hosting type, your website also shares a physical server with other users, but the web host creates a virtual partition for each user. Thus, a site hosted on a virtual private server get an allocated amount of resources. VPS web hosting is a great option for medium-sized sites, eCommerce shops, and large blogs with a rapidly growing number of visitors. Pros Dedicated server space Increased traffic on other websites has no impact on your site’s performance Root access to the server High customizability Cons Users need technical expertise to manage it Even though it’s relatively affordable, some users may have to hire a developer to manage the virtual server, increasing the overall costs Cloud Hosting This web hosting solution uses several virtual servers to host sites. Thus, if one server experiences high traffic or a problem, the remaining ones will take over and maintain the website operating. Since cloud based web hosting relies on a cluster of web servers to function, businesses with multiple websites and large-scale sites like eCommerce shops can benefit the most from it, as it provides little to no downtime. Pros Reduced likelihood of downtime and hardware failure Uses load balancing to handle high traffic and prevent DDoS attacks Scalability – your website is not limited to the resources of a single server Cons Root access is not always provided It is more expensive than VPS and shared hosting WordPress Hosting This type of CMS web hosting service provides a WordPress-optimized server environment to help your site load faster and minimize potential issues. However, other types of web hosting still work for websites based on this popular content management system (CMS). Typically, the best WordPress hosting plans come with features such as pre-installed themes, plugins for core functions like caching and security, and other tools. Pros Low cost and beginner-friendly Optimized performance for WordPress sites Customer support team trained in WordPress issues Pre-installed WordPress plugins and themes Cons Not an ideal type of web hosting for non-WordPress websites Dedicated Hosting Dedicated hosting designates a physical server for each website. By going with dedicated hosting, you can configure the server, choose your desired operating system and software, and customize the entire hosting environment to your specifications. Renting a dedicated server is just as powerful as having your own on-site server, but with the added benefit of getting professional support from your web host. Thus, dedicated hosting is ideal for large online businesses that deal with heavy traffic. Pros Complete control over the server’s configuration High reliability Root access to the server Cons High cost, more oriented towards large businesses Technical and server management knowledge is required How to Choose the Best Web Hosting Service Provider? As your website grows, you might need additional storage space, bandwidth, and other types of resources. In that case, you may consider migrating to a more advanced hosting solution such as cloud hosting or
Read more
28 Feb, 23

ChatGPT is down worldwide – OpenAI working on issues

ChatGPT, the famous artificial intelligence chatbot that allows users to converse with various personalities and topics, has connectivity issues worldwide. OpenAI has confirmed users are currently experiencing issues worldwide, with many unable to access the AI. When accessing ChatGPT, users see “the origin web server timed out responding to this request” error message. This outage started within the last 45 minutes. According to Down Detector, ChatGPT is currently experiencing an outage in the U.S, Europe, India, Japan, Australia, and other parts of the world. On the status page, OpenAI has acknowledged an issue affecting ChatGPT. “Traffic for ChatGPT is beginning to improve after initial fixes have been implemented,” the company said. Update 1: ChatGPT seems to be returning online for some users, while others continue to face trouble. Update 2: OpenAI confirmed issues have been fixed. The company said they re-enabled access to free customers  and “things look operational”. This is a developing story. NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only      
Read more
30 Jan, 23

Massive Microsoft 365 outage caused by WAN router IP change

Microsoft says this week’s five-hour-long Microsoft 365 worldwide outage was caused by a router IP address change that led to packet forwarding issues between all other routers in its Wide Area Network (WAN). Redmond said at the time that the outage resulted from DNS and WAN networking configuration issues caused by a WAN update and that users across all regions serviced by the impacted infrastructure were having problems accessing the affected Microsoft 365 services. The issue led to service impact in waves, peaking approximately every 30 minutes as shared on the Microsoft Azure service status page (this status page was also affected as it intermittently displayed “504 Gateway Time-out” errors). The list of services impacted by the outage included Microsoft Teams, Exchange Online, Outlook, SharePoint Online, OneDrive for Business, PowerBi, Microsoft 365 Admin Center, Microsoft Graph, Microsoft Intune, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity, In all, it took Redmond over five hours to address the issue, from 7:05 AM UTC when it started investigating up until 12:43 PM UTC when service was restored. “Between 07:05 UTC and 12:43 UTC on 25 January 2023, customers experienced issues with networking connectivity, manifesting as long network latency and/or timeouts when attempting to connect to resources hosted in Azure regions, as well as other Microsoft services including Microsoft 365 and Power Platform,” Microsoft said in a preliminary post-incident report published today. “While most regions and services had recovered by 09:00 UTC, intermittent packet loss issues were fully mitigated by 12:43 UTC. This incident also impacted Azure Government cloud services that were dependent on Azure public cloud.” Microsoft now also revealed that the issue was triggered when changing the IP address of a WAN router using a command that had not been thoroughly vetted and that has different behaviors on different network devices. “As part of a planned change to update the IP address on a WAN router, a command given to the router caused it to send messages to all other routers in the WAN, which resulted in all of them recomputing their adjacency and forwarding tables,” Microsoft said. “During this re-computation process, the routers were unable to correctly forward packets traversing them.” While the network began recovering on its own starting at 08:10 UTC, the automated systems responsible for maintaining the health of the wide area network (WAN) paused due to the impact on the network.  These systems included those for identifying and eliminating unhealthy devices as well as traffic engineering systems for optimizing data flow across the network.  As a result of the pause, some network paths continued experiencing increased packet loss from 9:35 UTC until the systems were manually restarted, returning the WAN to optimal operating conditions and completing the recovery process at 12:43 UTC. Following this incident, Microsoft says that it’s now blocking highly impactful commands from being executed and that it will also require all command execution to follow guidelines for safe configuration changes.  
Read more
08 Dec, 22

CPanel & Plesk Price Increase 2023

cPanel and Plesk continue with dramatic yearly price increases (see 2019 price increase) even in the midst of a global pandemic while people and countless businesses are making sacrifices to stay afloat. The brass over at cPanel and Plesk are clearly unfazed. Announced today that is Dec 07, 2022 there will be a 10-15% price increase on all license costs. Justification for this price increase being –  NGINX support – which is still in beta! cPanel apparently has been caught by surprise that Centos8 and Cloudlinux8 have been release over a year. Yi-Solutions has no choice but to pass the price increase along to our customers as well. On the bright side, we have been building our relationship with DirectAdmin over the last year. We will soon be offering the Direct Admin Personal license completely FREE with the purchase of a VPS or Dedicated server. We will be introducing this offer in our control panel before the year’s end. cPanel to DirectAdmin migrations are possible. Below are the new prices that will take effect immediately for new orders. All current licenses will be updated to the new pricing structure on 1/1/2023. Plesk Edition Current Price Price – starting Jan 1, 2023 VPS Plesk Admin Edition $12.0 $14.50 VPS Plesk Pro Edition $18.50 $21.50 VPS Plesk Web Host Edition $30.50 $36.50 Dedicated Plesk Admin Edition $12.0 $14.50 Dedicated Plesk Pro Edition $18.50 $21.50 Dedicated Plesk Web Host Edition $54.50 $59.50 Cpanel Edition Current Price Price – starting Dec 16, 2022 Admin Cloud – up to 5 Accounts $24.99 $27.99 Pro Cloud  – up to 30 Accounts $35.99 $39.99 Pro Plus  – up to 50 Accounts $40.99 $44.99 Premier Cloud – up to 100 Accounts $53.99 $59.99
Read more

Digitally Sign Emails – Mozilla Thunderbird

1:: Open a new email window in Mozilla Thunderbird. Go to Tools > Account Settings. 2:: Click the Security tab. Click Select next to the Digital Signing field. 3:: Choose the certificate you intend to use for signing. Click OK. Note: If no certificates are present, it still needs to be imported. Follow these instructions and then return to this article to continue. 4:: You can choose the encryption certificate here as well: 5:: To sign all messages, check Digitally sign messages (by default) under the Digital Signing field: 6:: Click OK to complete. If you are not signing by default, proceed to the next step for instructions on signing a single email. 7:: When composing a new email in Thunderbird, click the Security drop down menu and choose Digitally Sign This Message. Note: To send encrypted messages, you must first receive a digitally signed email message from the recipient.  
Read more
18 Nov, 22

Website Monitoring & Security for Karachi Neighborhood Improvement Project

[vc_row full_width=”stretch_row” content_placement=”middle” css=”.vc_custom_1682513566635{padding-top: 50px !important;padding-bottom: 20px !important;}”][vc_column][vc_custom_heading text=”Website & Email Monitoring” font_container=”tag:h2|text_align:center|color:%23da2128″ use_theme_fonts=”yes” subtitle=”Summary”][vc_column_text] Here is the services details we provide to Karachi Neighborhood Improvement Project of Website Monitoring & Email Security [/vc_column_text][/vc_column][/vc_row][vc_row full_width=”stretch_row” content_placement=”middle” css=”.vc_custom_1682594237626{margin-top: 40px !important;padding-top: 30px !important;padding-bottom: 20px !important;background-color: #f2f2f2 !important;}”][vc_column][vc_custom_heading text=”At Glance Summary” font_container=”tag:h2|text_align:center|color:%23da2128″ use_theme_fonts=”yes” css=”.vc_custom_1682514403196{padding-top: 50px !important;}”][vc_row_inner][vc_column_inner width=”1/2″][vc_custom_heading text=”Website Monitoring” font_container=”tag:h3|text_align:center|color:%231e73be” use_theme_fonts=”yes”][vc_column_text] Description Output Website Monitoring Checked Hackerproof Checked Website Scanning Regularly DDoS Protection Checked Malware Remediation Checked 24/7 Security & Protection Checked [/vc_column_text][/vc_column_inner][vc_column_inner width=”1/2″][vc_custom_heading text=”Email Security” font_container=”tag:h3|text_align:center|color:%231e73be” use_theme_fonts=”yes”][vc_column_text] Description Output Digital Signature Installed Digitally Signing an email Checked Encrypting email Checked Personal Certificates Installed [/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”Summary” font_container=”tag:h2|text_align:center|color:%23da2128″ use_theme_fonts=”yes” css=”.vc_custom_1682512637508{padding-top: 70px !important;}”][/vc_column][/vc_row][vc_row full_width=”stretch_row” content_placement=”middle” css=”.vc_custom_1682511290128{padding-bottom: 30px !important;}”][vc_column width=”1/2″][vc_column_text]Monitor websites, web servers and mail servers via status and content checks. Get an overview via one easy-to-use dashboard for all your websites and web services. Get detailed insights into check results and notification events with issue history and scheduled reports. Pre-defined alert settings for immediate start of your website monitoring. ‍Website monitoring check – for site status or content. ICMP Ping – check host response to requests. TCP Port Check – check if a service is listening to connections. Custom Check – HTTP results via your own scripts. [/vc_column_text][/vc_column][vc_column width=”1/2″][vc_single_image image=”5427″ img_size=”large”][/vc_column][/vc_row][vc_row css=”.vc_custom_1682595244664{padding-top: 45px !important;padding-bottom: 25px !important;}”][vc_column width=”1/2″][vc_images_carousel images=”5432,5433″ img_size=”full” autoplay=”yes” hide_pagination_control=”yes” wrap=”yes”][/vc_column][vc_column width=”1/2″][vc_column_text] Digital Signatures provide authenticity and integrity to digital messages such as email, documents and code distributed via the Internet. Digital Signatures allow organizations to securely exchange data and improve electronic workflows. To apply Digital Signatures to messages and files the organisation must hold a valid digital certificate. Digital certificates are issued by GlobalSign. We are a trusted Certificate Authority and we maintain one of the world’s largest and most trusted Public Key Infrastructures (PKI). [/vc_column_text][/vc_column][/vc_row]
Read more

Drinik Android malware now targets users of 18 Indian banks

A new version of the Drinik Android trojan targets 18 Indian banks, masquerading as the country’s official tax management app to steal victims’ personal information and banking credentials. Drinik has been circulating in India since 2016, operating as an SMS stealer, but in September 2021, it added banking trojan features that target 27 financial institutes by directing victims to phishing pages. Analysts at Cyble have been following the malware and report that its developers have evolved it into a full Android banking trojan with screen recording, keylogging, abuse of Accessibility services, and the ability to perform overlay attacks. Stealing credentials from real sites The latest version of the malware comes in the form of an APK named ‘iAssist,’ which is supposedly India’s Income Tax Department’s official tax management tool. Upon installation, it requests permissions to receive, read, and send SMS, read the user’s call log, and read and write to external storage. Next, it requests the user the allow the app to (ab)use the Accessibility Service. If granted, it disables Google Play Protect and uses it to perform navigation gestures, record the screen, and capture key presses. Eventually, the app loads the actual Indian income tax site via WebView instead of phishing pages like past variants and instead steals user credentials by recording the screen and using a keylogger. Drinik will also check if the victim ended up on a URL that indicates a successful login to ensure that the exfiltrated details (user ID, PAN, AADHAR) are valid. At this stage, the victim is served a fake dialogue box saying that the tax agency found they’re eligible for a refund of Rs 57,100 ($700) due to previous tax miscalculations and are invited to tap the “Apply” button to receive it. This action takes the victims to a phishing page that is a clone of the real Income Tax Department site, where they are directed to enter financial information, including account number, credit card number, CVV, and card PIN. Targeting banks To target the eighteen banks, Drinik constantly monitors the Accessibility Service for events related to the targeted banking apps, such as their apps. The targeted banks include SBI (State Bank of India), one of the largest banks in the world, serving 450,000,000 people via a massive network of 22,000 branches. If there’s a match, the malware collects keylogging data that contain user credentials and siphons them to the C2 server. During this attack, Drinik abuses the “CallScreeningService” to disallow incoming calls that may interrupt the login and, by extension, the data-stealing process. Drinik evolving While Drinik isn’t as sophisticated or advanced as other banking trojans, its authors appear determined to make it more powerful, constantly adding features that make it harder to detect. Going after Indian taxpayers and banking customers means that Drinik has a massive targeting pool, so every new successful feature potentially translates to substantial financial gains for the malware’s operators. To avoid this threat, always avoid APK downloads from outside the Play Store and enable biometric authentication, such as 2FA, for logging in to e-banking portals. NOTE: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only    
Read more
Cart

No products in the cart.