Security agencies have warned Army troops and paramilitary forces against a malicious Pakistan-propped mobile app that masquerades as the anti-COVID-19 ‘Aarogya Setu’ app to steal sensitive data, officials said on Wednesday.
An advisory issued said the fake app can be received by a user as a WhatsApp forward or through SMS, a phishing e-mail or other links and via Internet-based social media.
The advisory has recommended to the personnel that they should only download the ‘Aarogya Setu’ app from authorised links from the ‘mygov.in’ website.
“The fake app during installation asks the user to permit use of internet and installation of additional application packages.
“Thereafter, it installs malicious links like face.apk, imo.apk, normal.apk, trueC.apk, snap.apk and viber.apk,” the advisory, accesed by PTI, said.
These viruses then look into a user’s smartphone and enable a hacker to track and monitor the content and activity of the phone. The data extracted from the user is saved at the command and control server of the app that is reported to be located in the Netherlands, a senior official said.
The troops have been asked to exercise caution while opening suspicious links over social media platforms and e-mail over their phones and apply up-to-date security patches and anti-virus guard, he said.
The Aarogya Setu application developed by the government helps people assess themselves on the risk of their catching the coronavirus infection.
The app detects other devices having the same facility in its GPS or bluetooth range and captures information regarding COVID-19 positive or linked cases.
The central government on Wednesday also made it mandatory for government officials to download and use the app in their personal phones.