A critical cybersecurity alert was issued this Friday, March 20, 2026, by the Indian Computer Emergency Response Team (CERT-In), warning of a sophisticated new malware campaign specifically targeting users of Indian banking applications. This malware, dubbed 'IndusHunter' by cybersecurity researchers, is designed to steal banking credentials, intercept SMS-based OTPs, and conduct fraudulent transactions without the user's knowledge.
The alert details that IndusHunter is primarily distributed through unofficial app stores and phishing emails disguised as legitimate banking communications. Once installed, the malware requests extensive permissions, including access to SMS, contacts, and device storage. It then overlays itself on genuine banking apps, mimicking their login screens to capture usernames and passwords. Meanwhile, it silently intercepts incoming SMS messages to bypass two-factor authentication.
IndusHunter: A Deep Dive into the Malware's Capabilities
Cybersecurity firm SecureTech Solutions conducted an in-depth analysis of IndusHunter's code. "This malware is exceptionally well-crafted and demonstrates a clear understanding of the security protocols used by Indian banks," said Rohan Sharma, SecureTech's lead security analyst, speaking to News Reporter Live. "Its ability to bypass SMS-based OTPs is particularly concerning, as this is a widely used security measure in India."
The malware also employs advanced obfuscation techniques to evade detection by antivirus software. It communicates with a command-and-control server located overseas to receive instructions and exfiltrate stolen data. The CERT-In advisory urges users to exercise extreme caution when downloading apps from untrusted sources and to verify the authenticity of any email claiming to be from their bank.
Protecting Yourself: Tips to Stay Safe from Banking Malware
Several steps can be taken to mitigate the risk of infection. Firstly, only download apps from official app stores like Google Play Store or Apple App Store. Secondly, always verify the app developer's identity and check user reviews before installing any app. Thirdly, enable two-factor authentication using biometric methods or authenticator apps whenever possible, as these are more resistant to SMS interception. Users should also be wary of unsolicited emails or SMS messages asking them to click on links or download attachments.
Furthermore, keep your mobile operating system and antivirus software up to date with the latest security patches. Regularly review app permissions to ensure that no app has access to more data than it needs. If you suspect that your device has been infected with malware, immediately contact your bank and change your passwords.
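The permission review recommended above can be automated against an app inventory. The following is an added example, not code from CERT-In, SecureTech Solutions or this article: it flags apps installed from outside an official store that hold the SMS, contacts, storage and overlay access described earlier. The package names and inventory are constructed, and treating SYSTEM_ALERT_WINDOW as the overlay mechanism is an assumption, since the article does not name one.

```python
# Added example: flag sideloaded apps holding the permission mix the alert describes.
# All package names and the inventory below are constructed sample data.

OFFICIAL_INSTALLERS = {"com.android.vending"}  # Google Play's installer package

# Android permission names grouped by the kinds of access the article lists.
RISK_GROUPS = {
    "sms": {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"},
    "contacts": {"android.permission.READ_CONTACTS"},
    "storage": {"android.permission.READ_EXTERNAL_STORAGE",
                "android.permission.WRITE_EXTERNAL_STORAGE"},
    # Assumption: overlay drawn via this permission; the article names no mechanism.
    "overlay": {"android.permission.SYSTEM_ALERT_WINDOW"},
}

def risk_groups(granted):
    """Return the sorted names of risk groups that the granted permissions touch."""
    granted = set(granted)
    return sorted(name for name, perms in RISK_GROUPS.items() if perms & granted)

def audit(inventory, min_groups=3):
    """Flag apps from outside official stores that can read SMS and also
    hold at least min_groups of the risk groups in total."""
    findings = []
    for app in inventory:
        groups = risk_groups(app["permissions"])
        sideloaded = app.get("installer") not in OFFICIAL_INSTALLERS
        # SMS access is what defeats SMS-based OTPs, so it is required for a hit.
        if sideloaded and "sms" in groups and len(groups) >= min_groups:
            findings.append({"package": app["package"], "groups": groups})
    return findings

SAMPLE_INVENTORY = [  # constructed
    {"package": "com.example.bankupdate", "installer": None,
     "permissions": ["android.permission.RECEIVE_SMS",
                     "android.permission.READ_CONTACTS",
                     "android.permission.READ_EXTERNAL_STORAGE",
                     "android.permission.SYSTEM_ALERT_WINDOW"]},
    {"package": "com.example.messenger", "installer": "com.android.vending",
     "permissions": ["android.permission.READ_SMS",
                     "android.permission.READ_CONTACTS"]},
    {"package": "com.example.notes", "installer": None,
     "permissions": ["android.permission.READ_CONTACTS",
                     "android.permission.WRITE_EXTERNAL_STORAGE"]},
]

if __name__ == "__main__":
    for hit in audit(SAMPLE_INVENTORY):
        print(hit["package"], "->", ", ".join(hit["groups"]))
```

On a real device the inventory could be built from `adb shell pm list packages -i` (installer per package) and `adb shell dumpsys package <name>` (granted permissions); parsing that output is not shown here. A hit is a prompt for manual review, not proof of infection.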
India Availability and Impact
The IndusHunter malware is actively targeting users across India, with a particular focus on customers of major public and private sector banks. While the exact number of victims is still unknown, cybersecurity experts estimate that thousands of devices may already be infected. The financial losses resulting from this campaign could potentially run into crores of rupees. Banks are working with CERT-In to strengthen their security measures and alert customers to the threat. Meanwhile, law enforcement agencies are investigating the source of the malware and working to shut down the command-and-control server.
Frequently Asked Questions
What is the IndusHunter malware?
IndusHunter is a new malware specifically targeting users of Indian banking applications. It steals banking credentials, intercepts SMS-based OTPs, and conducts fraudulent transactions.
How can I protect myself from IndusHunter?
Only download apps from official app stores, verify app developer identity, enable biometric two-factor authentication, keep your device and antivirus software updated, and be wary of suspicious emails or SMS messages.
What should I do if I suspect my device is infected?
Immediately contact your bank, change your passwords, and run a full scan with your antivirus software. You may also consider factory resetting your device as a last resort. You can also report the incident to CERT-In.