Pakistan’s spy agency Inter Service Intelligence (ISI) has designed a social media honey trap to catch Indian defence personnel to take off valuable security related data and communication, according to Indian media reports.
Indian security agencies, who found out this app, have placed this Karachi-based cyber unit under scanner. The 300-member spy unit is funded by hackers Sajid Rana and Abid Rana and is backed by Pakistani spy agency ISI, India Today reported today.
The app has also been used to track Indian Soldiers movement following the terror attack on the IAF base in Pathankot in January 2016.
The data stealing software also takes control over the user's phone, said Rajshekhar Murthy, director of the National Security Database. Murthy was part of the team which tracked the Karachi snooping unit. Though it is still unclear, the Indian intelligence have fear that spy centre is likely to have succeeded in stealing loads of data and telephonic conversation through software 'installed' in their victims' phone.
The two brothers came on Indian radar last year when they were operating Smeshapp, which contained spyware that could be deployed on not just smartphones but even on desktop computers, enabling a third party to access personal information such as phone logs, text messages, even photographs stores on the compromised device. This was blocked by Google play and removed from their store.
The app has targeted thousands of Indian officers through Trojan malware disguised as a chatting app, over last one year. The spyware is still being promoted by spy unit as a chatting-interface on social media and is luring their victims to download it.
"Their unit members create Facebook account using fake pictures. In the first phase of their operation, a cyber team dedicated to track Indian defence personnel on social media connects them with several potential victims," Murthy said.
"Once they become friend with the targeted officer, they exchange obscene pictures and also make an internet call through voice over Internet Protocol (VoIP) to win confidence." he added.
The spy unit has also created news portal related to Indian defence forces promising credible data and information. But as soon as a user logged into the web site, their computer or smartphone would fall prey to Trojan malware.
The app targeted all branches of the armed forces, including the Border Security Force (BSF) and Central Industrial Security Force (CISF).
The information collected by the app was reportedly stored on a server in Germany and hosted by a man based out of Karachi.
Recently, Pakistani hackers were spotted at various international conferences where they presented themselves as app developers in search of international servers for hosting their app.