Profile cover photo
Profile photo
Ranjeet Jha
Communities and Collections
View all

Post has attachment
A Robot to Make Roti Automatically
Imagine a machine that churns out rotis at will. Just add flour, water and oil to dedicated slots in the  Rotimatic  machine, and it kneads, rolls and makes rotis automatically! There are also options for oil, thickness and roast levels. Rotimatic machine (...

Post has attachment

Post has attachment
SmeshApp: How Pakistan spied on Indian military personnel using an app from the Play Store
SmeshApp: How Pakistan spied on Indian military personnel using an app from the Play Store

The recent attack on the Pathankhot air force base, resulting in at least 6 deaths, was carried out with a marked degree of foresight and knowledge of the air base and operations. It has just come to light that part of that intelligence gathered for that attack was due to an app called SmeshApp.

Although Google removed SmeshApp from the Play Store, the damage has already been done.

Honeytraps on Facebook

Pakistan intelligence apparently set up fake accounts on Facebook (at least 10, reportedly) and established a honeytrap. The account would be used to entice soldiers into installing SmeshApp on their phones (more on that later). Accounts related to Air Force, Navy, Border Security Force (BSF) and Central Industrial Security Forces were targeted.

These honeytraps apparently bore an air of patriotism and legitimacy by ensuring that the friends list was filled with retired soldiers. Basically, the more soldiers the account ensnared, the more legitimate the accounts seemed.

Once trapped and SmeshApp installed, Pakistani intelligence acquired full access to all the personal data related to that soldier. This includes real-time updates of his location and even the ability to record the environment via the microphone.

How does SmeshApp work?

On the surface, SmeshApp is nothing more than a clone of WhatsApp or Telegram. As with most apps on the Google Play Store, the app asks for permission to access your contacts, photos and other such personal information.

The app then sends requests to all members in the infected phone’s contact list, building up a database of users and gathering information. This information can be in the form of photos, location data, messaging data, e-mail, browsing data, etc. Basically, everything you do on your phone is transmitted to an unknown server, which is now a slave to the app.

In the case of SmeshApp, the server was apparently hosted in Germany and was operated by someone from Karachi. Sadly, the information that was leaked contained vital information on troop movements and counter-terrorism operations.

If you really think about it, what SmeshApp did was nothing unusual. As mentioned earlier, most apps on the Play Store and App Store try to gather as much personal information as they can. Data, is after all, priceless. Services like Telegram and Whatsapp at least take the trouble to encrypt the data on their servers, at least, they claim they do. Can you know for sure?

SmeshApp had apparently been downloaded over 500 times and boasted of a rating of 4.0 at the time it was pulled from the store. Google issued a statement saying, “We remove applications that violate our policies, such as apps that are illegal, deceptive or that promote hate speech once notified. As a policy, we don’t comment on individual applications.”

What can the we do?

Apps like SmeshApp can and will flourish on app stores across platforms. Information is king and most app-makers depend on monetising your information to make money. If you really wanted to, even you could make an app like SmeshApp in record time and have it published.

As Pavan Duggal, an advocate specializing in the field of cyberlaw, pointed out to CNN-IBN, the only real defence is “individual due diligence.” In other words, you need to exercise caution on a personal level.

The army itself doesn’t seem to have any guidelines in place with regards to the online presence of their soldiers and it’s high time that they did. Simple steps such as the use of recommended apps, guidelines limiting the sharing of sensitive information, etc., need to be implemented. Pavan Duggal also talks about a unified cyber command, which has been in the works since a great many years.

Over the years, mobile phones have transformed from a simple device for making calls to a portable camera, a computer, and now a full-fledged IOT device that has access to virtually every aspect of your life. Care must be taken when using it, especially in such sensitive cases as military operations.

Post has attachment
कछुए और खरगोश की कहानी (जो आपने पहले नहीं सुनी

Post has attachment
How to Remove Shortcut,  Autorun  Virus? Find the Type of the virus in your PC and follow the steps for the respective Virus, What is Malware? Malwares are the Malicious Softwares used to make unwanted actions in your PC, Virus, worms, Spywares are some kin...

Post has attachment
New WhatsApp scam tricks users into opening malware sent by ‘friends’ Reports reveal that WhatsApp has been the target of a new scam which deceives users into disclosing personal information. According to  The Independent , the links appear to come from a f...

Post has attachment
Tips & Tricks for Whatsapp 1 .   Hide Two Images In One This trick is going viral in these days. Many times your friends have posted an image for you that first look like a beautiful baby but when you click on it will change to another image if you want to ...

Post has attachment
Want to know about Android Data Recovery Software please visit my blog

Post has shared content

Post has attachment
Check it out
Wait while more posts are being loaded