Mumbai Police Probes Fake Aarogya Setu App Snooping On Bureaucrats, Defence Personnel

In a shocking revelation, Mumbai Police has found that a fake Aarogya Setu application has become the new tool of Pakistan’s intelligence unit ISI to spy on Indians.

The duplicate application, which was first developed in April 2020, is now back with an updated version which is reportedly being promoted by ISI backed hackers. As of now, Indian defence agencies are looking for links of the application which was circulated among bureaucrats and defence personnel.

Yashasvi Yadav, IG cyber department, Maharashtra Police, said that the department has come across potentially very dangerous malware, through which sensitive data can be stolen. “Some Pakistan hackers designed a fake Aarogya Setu App to access sensitive information from the phone of our bureaucrats and defence personnel,” he added.

The duplicate application is said to be very similar to the Aarogya Setu app. However, Yadav clarified that anyone can distinguish between the original and the fake app by looking at their file extensions. “The file extension of the fake App is .apk and the file extension of the original app of government is .gov.in.”

Once installed, the application can access the information and data stored in the phone. The application is also said to be activating the phone’s microphone while it can also snoop through WhatsApp and text messages easily.

According to cybersecurity experts, users should refrain from installing any link which is sent through text messages or through email. It is advised to download applications through Google Play Store or Apple iOS store only.

According to a report by Times Now, this is a Trojan attack. Cyber Expert Ankur Puranik said that the clear intention of app makers was to get sensitive information. “At the time of downloading such apps, one gives default permissions to access photos, chats in the phone and even permission to activate the microphone. The information goes to the third person sitting across the border,” he added.

The application is hosted at a server-based in the Netherlands. This is making it difficult for the Mumbai police cyber cell to proceed with their probe. The department estimates that the application has been downloaded by many internet users in India. Meanwhile, all the state and central intelligence agencies have been made aware of the situation.

So far, Aarogya Setu has been downloaded over 10 Mn times. The popularity of the application on the Google Play Store increased after the government directed the companies to ask their employees to download the application before coming to the offices.

A similar fake app was identified by cybersecurity firm SonicWall Labs Threats. These apps were capable of making phone calls to premium numbers, recording phone calls, sending SMSes, taking photographs and also recording videos.

The firm had pointed out that even uninstalling the app through the regular methods only removes the app in the front, whereas the spyware would still be present on the device. The users can only remove the spyware by uninstalling the apps through settings.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.