Security at risk: WhatsApp malware targeting Army personnel detected

NEW DELHI: Indian defence persons are on target of enemy intelligence agencies and the messaging application WhatsApp is being used often.

After the detection of a similar breach in April this year, another case has been detected where a malware is being circulated using WhatsApp. Intelligence agencies have detected a malicious malware file ‘CSO_SO on Deputation DRDO. apk’ said to have originated from a suspicious WhatsApp number that is being forwarded on WhatsApp to target Indian Defence Persons.

As per the sources, the .APK file is a decoy copy of a genuine DRDO (Defence Research and Development Organisation) letter issued on 26 May 2022 on the same subject, i.e., calling for application for deputations to DRDO.

“Pakistan has used an innovative social engagement theme and explosive vulnerability in the cyber domain to target defence persons through click-bait method to steal their digital credentials and elicit sensitive info,” said the sources.

The infected devices were analysed by the agencies and the findings indicate that “on clicking the malicious file it compromises the digital artefacts and connection with servers based in Nuremberg, Bavaria, Germany”.

The DRDO had announced deputations for defence persons to DRDO as Chief Security Officer, dated May 26, 2022. The text message purportedly written by Rajan Kumar, UDC, urges the recipients to forward the .APK file to all the eligible defence officers so that they can apply for the said deputation. This paper had reported earlier that the Army has instructed all officers to stay off any social media groups floated by civilians, or people whose identity cannot be verified.

The aim of the policy is to secure not just information but personnel too, said another source.