SmeshApp IM app spies on Indian Army.
SmeshApp IM app spies on Indian Army and sends sensitive information to Pakistan owned server in Germany.
Indian TV station CNN-IBN has discovered that Pakistani officials were collecting data about Indian troop movements using an Android app called SmeshApp.
According to the TV station's investigation, which received a tip from an inside source, Pakistan army's Inter Service Intelligence (ISI) agency was behind an Android app available through Google's Play Store, named SmeshApp (Google Cache link).
It was actually a simplistic IM application that never had more than 1,000 installations.
Through honeytraps and a spam campaign on social media, the app became popular among Indian army troops.
Reporters are saying that the app collected information on its users, such as geolocation data, photos, emails, messages, and call history, and sent it to a server in Germany, which was rented by a man living in Karachi, Pakistan.
Indian officials started to suspect that something was wrong when the app began to spam other army personnel by taking address books from devices it was installed on and sending spam to all the contacts.
Indian officials are fearing that Pakistan's intelligence agency or Pakistani terror groups could use the information amassed through this app to plot attacks against India by exploiting holes in border defenses to sneak through other terror groups in the country.
Indian army had warned personnel to avoid SmeshApp in February
After the terrorist attack on the Indian Air Force (IAF) Pathankot base that took place in January 2016, India started moving a large number of troops towards its borders, after it was discovered that the terrorists were from Pakistan and heavily communicated with somebody located in Pakistan before the attack.
Back in February 2016, Indian army officials issued a warning against the usage of three apps, WeChat, SmeshApp, and Line, fearing that these apps collected too much information if installed on smartphones used by Indian army personnel.
Following the CNN-IBN investigation, Google intervened on Tuesday, March 15, and removed SmeshApp from its official Play Store.
Of course, if Pakistan's ISI or anyone else wants to collect data on Indian officials, the app could be rebranded and uploaded to Google's store at any time, under a different name. The only way for Indian army personnel to stay safe is to avoid installing unknown apps and only stick to the standard apps, such as Facebook Messenger, WhatsApp, Signal, Telegram, and the rest.
Pakistani-linked threat actors have once again targeted Indian military personnel in a cyber-espionage campaign, for the third time in March 2016 month alone.
The first time this happened was at the beginning of the month, when Proofpoint researchers blew the lid off a cyber-espionage campaign named Operation Transparent Tribe, which targeted the Indian embassies in Saudi Arabia and Kazakhstan.
The second incident came to light last week and involved the SmeshApp Android app, which was logging details about Indian army personnel and sending it to a server in Germany, bought by a person from Karachi, Pakistan. Google eventually removed the app.
Now, third campaign targeted Indian military officials via phishing emails, distributing spyware to its victims via an Adobe Reader vulnerability.
- Other (42)
- Ransomware (128)
- Events and News (26)
- Features (45)
- Security (433)
- Tips (79)
- Google (22)
- Achievements (9)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (195)
- Cyber Attack (221)
- Data Backup (11)
- Data Breach (80)
- Phishing (139)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (56)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (71)
- Hacking (57)
- Social Media (7)
- vulnerability (54)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (7)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)