Indian Army mobile app cloned to target military personnel

An official Indian Army mobile app appears to have been cloned to target military personnel with Android phones, India today reported Wednesday.

Anti-malware software platform Malware Hunter Team first spotted the anomaly, finding that the cloned app completely mimics the Army Mobile Aadhaar App Network (ARMAAN).

The original ARMAAN app is used by the military to disseminate information, voice complaints about military engineering services, and contact the office of the chief of staff of the army.

Cyber ​​threat intelligence firm Cyble conducted further analysis of the malware to reveal the methods used.

Initial investigation results indicate that a suspicious domain was used to distribute the counterfeit app.

Consequences

Since the cloned app mimicked the look and functionality of the official app, it could steal data from service members who had to use their Aadhaar numbers and Aadhaar-linked mobile phones when opening the platform. -form.

The fake app uses the device’s camera and microphone, accesses documents and images, and steals the user’s calls and SMS data. It can also reveal victims’ phone number and location.

According to Cyble, the cloned app requests a total of 22 permissions. A dozen of them were said to have been ill-treated.

“The modified and malicious ARMAAN app poses a serious threat to the Indian Armed Forces,” Cyble said. Explain on his blog. “It can perform RAT (Remote Access Trojan) activities with potential to steal sensitive data from Indian Army personnel such as contacts, call logs, SMS, location and files from storage external, in addition to the ability to record sensitive audio files.”

Comments are closed.