Pakistani App Used To Spy On Indian Army Removed By Google.
Google has removed an Android application called SmeshApp that Pakistani agencies had been using to get important data from the Indian army force from Google play store. As indicated by CNN-IBN, SmeshApp infects both computers and phone, allows third party access to information once installed. Reports also have shown that this app was used during the Pathankot attack earlier this year.
The spyware disguised itself has a calling and chat app. Once installed, the application would able to steal data such as text messages, phone calls, photographs, and even track the user’s GPS coordinates. Then the information sent over to a server situated in Germany, that is hosted from Pakistan city at Karachi.
All three services of the Indian military (Army, Navy, and Air Force) along with the Central Industrial Security Force (CISF) and the Border Security Force (BSF) were targeted. According to the report, fake Facebook profiles were used to trap officers into honey traps, with more than 10 such fake profiles being used.
The documented pictures taken from Google play store recommends that the website mentioned in the privacy policy Smeshapp.com is also hosted by the same person. The website is not available at the instant. Apart from showing the quantity of call and SMS made the application could even access the content on the phone. Security experts even believe that the location details and photographs might have been compromised.
India's communication minister Ravi Shankar Prasad told in an interview,
"I will get my officers to check how the spying was done through the app and what were the gaps in the security measures. We will take a follow-up action once we get the details". He added that "Tech companies like Google have to be alive to India's security concerns".
As per a statement issued by Google, right after it removed the app,
We remove applications that violate our policies, such as apps that are illegal, deceptive or that promote hate speech once notified. As a policy, we don’t comment on individual applications.
SmeshApp is simply a clone of WhatsApp or Telegram. Likewise with most apps on the Google Play Store, the applications ask for permission to access your contacts, photos, and other such personal information.Then app sends requests to all members in the infected phone’s contact list, developing a database of users and gathering information. This information can be in the form of photos, messaging data, location data, e-mail, browsing data, etc.
Source: Huffington Post
Source: Huffington Post