https://arab.news/b3khb
- Two groups, with likely links to Indian and Pakistani governments, use bogus messaging apps to steal data
- Android users are said to be particularly vulnerable, though Apple enthusiasts are not entirely immune to the risk
ISLAMABAD: Two cyber espionage groups, with likely links to Indian and Pakistani governments, have been spying on people after convincing them to download bogus apps that masquerade as popular messaging services like WhatsApp, Signal and Telegram, said an American business magazine while quoting a Facebook report.
Cybersecurity has become a major concern for governments, corporate entities and individuals across the world amid their growing reliance on information and communication technologies.
Earlier this year, media reports mentioned Pegasus malware designed by an Israeli surveillance firm which was used to target global leaders, including senior European Union officials.
“Facebook says the malware can siphon off all kinds of information from an Android device, including call logs, contacts, files, text messages and geolocation data,” Forbes said in a news report. “It can also access a device’s camera and microphone.”
The publication noted that cyber espionage groups, Bitter APT and APT36, had been targeting people in the United Kingdom, Saudi Arabia, China and New Zealand, among other countries.
“Previously, Forbes reporting found links between Bitter APT and the Indian government, after the group had acquired an American company’s Microsoft Windows hacking tools,” it continued.
The magazine added: “Facebook also announced action on a Pakistan-based government hacking unit known as APT36. It, too, was creating Android spy tools masquerading as apps including WhatsApp, Chinese social network WeChat and YouTube.”
Forbes said Facebook had “identified 10,000 users across at least nine countries that may have been targeted by APT36 and Bitter APT.”
The report added the social media giant was also in the process of warning users directly on Facebook and Instagram against the threat.
“If we think that you might have come into any contact with any of these groups, we want to alert you and we want to tell you the tools that you can use to secure your online presence,” Mike Dvilyanski, Facebook’s head of cyber espionage investigations, told Forbes.
The magazine also maintained it was likely that Android was not the only target of the cyber espionage groups.
“Facebook also saw ... fake personas distributing links to downloads of an iPhone chat application,” it said, adding: “The company reported its findings to Apple.”
Forbes said it tried to contact Indian and Pakistani officials who did not respond to requests for comment.