The Indian Computer Emergency Response Team (Cert-In) is warning users about various types of mobile-based malware and the methods followed by them to infect devices in their latest advisory.

The advisory listed out types of malware that are active to ensure users stay safe from them which are Adware, cryptocurrency mining malware, remote access tools, mobile banking, short message service trojans, mobile spyware and ransomware.

Cert-in additionally warned about fake applications and websites which carry legitimate company names or references to users.

Its advisory is claimed to contain details about ads that can be persistently pushed, track and report location and sensitive information or subscribe users to premium services excluding content.

In a previous set of regulations, CERT-In requested that VPN service providers keep client data for five years, including the reason users used the VPN service.

CIO Insider reported that Companies subject to CERT-In new cybersecurity mandate will be open to information access through the center's proper legal and administrative processes.

The IT ministry, whose guidelines are dreaded by the sector and privacy experts, will release more precise clarifications concerning the CERT-In mandate in the coming days.

Since VPN service providers such as Surfshark and NordVPN believe that adopting CERT-In recommendations would go against the essence of their services, which are designed to safeguard user anonymity, they believe that following them would be counterproductive. Some service providers have stated that they lack the technical capabilities to comply with the order and that if they are forced to leave India.

Cert-in suggests users to keep their operating systems and apps updated, use strong authentication, disable unneeded network radios, install security software and always delete data before discarding the device, to avoid falling victim to the malware and their methods.