How Pakistani cyber 'jihadis' honeytrapped an IAF officer for classified information

It was a group of 300 ISI cyber 'jihadis' led by the Rana brothers of Karachi who honeytrapped and blackmailed Group Captain Arun Marwaha to extract Indian defence secrets.

Published: 10th February 2018 12:18 AM | Last Updated: 10th February 2018 12:18 AM

By IANS

NEW DELHI: It was a group of 300 ISI cyber 'jihadis' led by the Rana brothers of Karachi who honeytrapped and blackmailed Group Captain Arun Marwaha to extract Indian defence secrets from the IAF officer who once trained intelligence officers and naval commandos, police said on Friday.

A Delhi Police officer, part of the team investigating the case, told IANS that Indian Air Force (IAF) officer Marwaha -- posted at the Air Headquarters in Delhi -- was lured by Sajid and Abid Rana and their group members, including some women, who used to chat with Marwaha on social media by posing as sex models.

According to the police officer, Marwaha, 51, shared information and documents with two Pakistani agents who chatted with him on Facebook, pretending to be women. The fake accounts, in the names of 'Kiran Randhawa' and 'Mahima Patel', were used to lure him.

During sex chats, Marwaha passed on the secret information to the group run by Pakistan's Inter-Services Intelligence (ISI).

The police officer said the Rana brothers had earlier targeted thousands of Indian officers by sending them chat requests through Trojan malware disguised as legitimate software to hack and gain access to the users' systems.

Users are typically tricked by some form of social engineering into loading and executing the malware on their systems.

A similar application was also used by Pakistani terrorists to access Indian troop movements before and after the terror attack on the IAF base in Pathankot in January 2016, the officer said.

"Rana brothers used this application, which is basically a data-stealing software, to take control of the user's phone," he said.

The Karachi-based cyber unit observes the Internet habits of Indian defence officials by tracking their social media activities.

"The officers using smartphones of Chinese origin are particularly under their radar. Those visiting porn sites or befriending women using various social media and clicking on links on these sites are being monitored closely," he said.

The police officer said many other hacking software tools are used by the members of this cyber unit. Some of the commonly used ones are free proxy, squid, java anon proxy, shadowsoc, tiny proxy, nginx, stunnel, internet junkbuster, proxomitron, safe squid, ghost proxy, steady proxy and others.

These tools help hackers dodge the investigation agency by re-routing their IP addresses, making the origin of a cybercrime almost untraceable.

The Group Captain was first detained by the IAF on January 31 after his activities were found "suspicious".

The Air Force later approached the Delhi Police to investigate. 

He allegedly used his smartphone to click pictures of classified documents pertaining to the IAF headquarters and then sent them via WhatsApp.

According to a Special Cell officer, the defence officer befriended the ISI agents posing as women models and chatted with them regularly on WhatsApp, exchanging intimate messages.

The ISI agents also blackmailed him after he sent them his nude pictures and videos, the officer said.

"The documents which Marwaha shared mostly dealt with training and combat-related air exercises. We also found he shared documents of the exercise 'Gagan Shakti'," the officer added.

The IAF officer had a good track record so far and had trained officers of the Marine Commandos (Marcos) of the Navy and intelligence wing of the IAF.
