Cyber Attack Alert: New Malware Targets Indian Banking Customers

New Delhi, April 3, 2026 – A critical cybersecurity threat has been issued across India today following the discovery of sophisticated malware targeting banking customers. News Reporter Live has learned that the malware, dubbed 'IndusHunter,' is designed to steal banking credentials and financial data from unsuspecting users. Cybersecurity agencies are working overtime to contain the threat.

The Indian Computer Emergency Response Team (CERT-In) issued an advisory this morning, urging all banking customers to be extra vigilant about phishing attempts and suspicious emails or SMS messages. The advisory details IndusHunter's modus operandi: it typically spreads through malicious email attachments disguised as legitimate bank statements or transaction notifications. Once installed, the malware quietly harvests login credentials, credit card information, and other sensitive data.

IndusHunter: Technical Details and Impact

According to security analysts, IndusHunter is particularly sophisticated in its ability to evade detection. It employs advanced encryption techniques and polymorphic code, making it difficult for traditional antivirus software to identify and remove. "This malware is a game-changer. Its sophistication level is significantly higher than what we've seen in previous attacks targeting Indian banks," reportersays, said Dr. Rajesh Kumar, a cybersecurity expert at the Indian Institute of Technology (IIT) Delhi, speaking to News Reporter Live.

The malware primarily targets Android devices, which are widely used for mobile banking in India. It intercepts SMS messages containing one-time passwords (OTPs) and uses them to authorize fraudulent transactions. While the exact number of affected users is still under investigation, early estimates suggest that thousands of customers across various banks could be at risk. Initial reports indicate that State Bank of India (SBI), HDFC Bank, and ICICI Bank are among the targeted institutions.

Protecting Yourself from the Cyber Threat

CERT-In has released a set of guidelines to help banking customers protect themselves from IndusHunter. These include:

• Avoid clicking on links or opening attachments from unknown or suspicious senders.
• Verify the authenticity of emails and SMS messages by contacting your bank directly.
• Enable two-factor authentication (2FA) for all your banking accounts.
• Keep your antivirus software up to date.
• Regularly monitor your bank statements for any unauthorized transactions.
• Download apps only from trusted sources like the Google Play Store.

Government Response and Investigation

The Ministry of Electronics and Information Technology (MeitY) has launched a high-level investigation into the IndusHunter attack. Cybersecurity experts from the National Cyber Security Coordinator's office are working closely with banks and law enforcement agencies to track down the perpetrators and neutralize the malware. "We are taking this threat very seriously. All necessary resources are being deployed to protect Indian citizens and the country's financial infrastructure," stated a senior MeitY official who requested anonymity. Meanwhile, users can also make use of a EMI Calculator to calculate their finances.

The Reserve Bank of India (RBI) has also issued a directive to all banks, instructing them to enhance their cybersecurity measures and conduct comprehensive vulnerability assessments. The directive emphasizes the importance of employee training and awareness programs to prevent phishing attacks and social engineering tactics.

Expert Opinion and Future Outlook

"The IndusHunter attack is a wake-up call for the Indian banking sector," says Dr. Kumar. "It highlights the need for stronger cybersecurity defenses and greater collaboration between banks, government agencies, and cybersecurity firms. We need to invest in advanced threat detection technologies and develop proactive strategies to counter emerging cyber threats." The incident underscores the importance of robust cybersecurity infrastructure in the age of digital banking. Protecting digital assets is becoming increasingly important. You can read more about the Latest News here.