Fake Messaging Apps Espionage Campaign Targets Indian Users

Discover how the Transparent Tribe's espionage campaign uses fake messaging apps like MeetsApp and MeetUp to target Indian users, compromising their data through sophisticated spyware.

In a sophisticated cyber espionage effort, Indian and Pakistani Android users are being targeted by a campaign deploying trojanized messaging apps. Operated by the Pakistan-linked advanced persistent threat group known as Transparent Tribe, also referred to as APT36, this campaign has been luring victims into installing apps embedded with CapraRAT spyware through romance scams. These apps, appearing as legitimate messaging services named MeetsApp and MeetUp, are actually fronts for exfiltrating sensitive data from victims’ devices.

The campaign uses the CapraRAT backdoor, a derivative of the open-source AndroRAT and akin to CrimsonRAT, which indicates the high level of sophistication and the targeted nature of these attacks. Transparent Tribe, active since at least 2016, is known for cyberespionage operations aimed at collecting information beneficial to Pakistani military and diplomatic interests.

Operational security lapses by the campaign's operators inadvertently exposed personally identifiable information of the victims, allowing researchers to identify over 150 individuals primarily located in India, with others in Pakistan, Oman, Egypt, and Russia. Victims were first contacted on different platforms, then tricked into downloading the trojanized apps after being convinced of the apps’ enhanced security features.

Furthermore, the campaign has been observed using various tactics to ensnare government and military officials, including the use of COVID-19 themed lures and decoys containing advisories targeting employees of the Government of India. This tactic, along with the use of themes related to the 7th Indian Central Pay Commission (7th CPC) in malicious documents, signifies the targeted approach of Transparent Tribe towards Indian government personnel.

Once installed, the malicious apps distributed in this campaign give the backdoor its full functionality, including access to contacts, call logs, SMS messages, and external storage, as well as the ability to record audio. This comprehensive access allows a wide range of sensitive information to be exfiltrated from the victim’s device, underlining the severe privacy and security implications of the campaign.

This ongoing campaign underscores the evolving threat landscape in the region and the critical need for heightened cybersecurity awareness and practices among individuals and organizations alike.

About the author

Swayam Malhotra

Swayam, a journalism graduate from Panjab University with 5 years of experience, specializes in covering new gadgets and tech impacts. His extensive coverage of software solutions has been pivotal in PC-Tablet's news articles. He specializes in analysing new gadgets, exploring software solutions, and discussing the impact of technology on everyday life.
