Technology

NCERT Warns of Hackers Targeting Pakistanis through Android Apps

The National Computer Emergency Response Team (CERT) has issued a crucial advisory highlighting a surge in Advanced Persistent Threats (APTs) aimed at Pakistani officials through compromised Android applications. These malicious apps, available on the Google Play Store, are designed to discreetly siphon sensitive personal and financial data from users’ mobile devices after installation.

Upon installation, these applications can access and accumulate a vast amount of data, such as media files, contacts, calendar events, and message records, frequently without the explicit consent of the user. CERT’s findings are alarming in that they indicate that a portion of these applications have been employed to market Personally Identifiable Information (PII) of Pakistani citizens, thereby endangering the privacy and security of thousands.

The investigation conducted by CERT suggests that these hazardous applications are designed to appear as legitimate tools to persuade users to acquire them. They exploit these access rights to extricate private information undetected after permissions are granted, which raises significant concerns about financial fraud and identity theft. The threat to users’ security is further exacerbated by the fact that certain applications offer PII for sale on-demand, as reported in reports.

CERT’s advisory urges users to promptly eliminate suspicious applications by identifying several specific indicators of compromise (IOCs). The apps “Initial Test Preparation,” “Intelligence MCQs Test,” and “Pak eServices 2024,” which were developed by ITAppCoding, are among those that have been flagged for hazardous data practices. These applications exploit users’ trust by assuming the appearance of commonplace tools such as bill monitors or online purchasing portals, thereby obtaining extensive access to private data.

To counter this threat, CERT advises taking proactive measures, including verifying the identity of the app developers, carefully reviewing the permissions that the app is to be granted, and consistently reviewing the privacy policies to gain a comprehensive understanding of the data’s fate. Early threats should be identified by restricting permissions to only those that are essential, deploying Google Play Protect for a scan, and meticulously observing an application’s utilization to identify requests for vast amounts of data.

CERT strongly advises that individuals who have already installed these compromised applications uninstall them immediately and report the incident to the organization. To reduce the impact of a compromise, it is recommended that additional security measures be implemented, including the use of strong passwords, the implementation of multifactor authentication, and the regular backup of data. Additionally, it is recommended that users refrain from utilizing personal devices in sensitive environments and disable location services when not required.

CERT’s alert underscores the importance of vigilance and the need for users to take immediate action to safeguard their data against these emerging digital threats.

Sponsored
Tehniyat Zafar

Share
Published by
Tehniyat Zafar
    Sponsored

Recent Posts

Woman Killed in Islamic University Bus Incident in Islamabad

Islamabad: A fatal accident in Faizabad on Wednesday resulted in the death of a woman…

17 mins ago

Senate Defers Income Tax Amendment Bill 2025 Amid Trade and Transparency Concerns

Islamabad: The Senate Standing Committee on Finance and Revenue convened under the chairmanship of Senator…

1 hour ago

SBP Announces Bank Holiday for Zakat Deduction on First Day of Ramadan

Islamabad: The State Bank of Pakistan (SBP) has declared the first working day of Ramadan…

1 hour ago

Why Is Pakistan’s Internet Expensive and Slow? Here’s How New Gateways Can Fix It

Islamabad: Pakistan’s internet infrastructure faces growing criticism as industry experts and stakeholders raise concerns over…

2 hours ago

Electrolux and PEL Announce Partnership for Home Appliance Expansion in Pakistan

Karachi: Pak Elektron Limited (PEL) has announced a partnership with Electrolux AB, a global home…

4 hours ago

Shaniera Akram Slams Social Media Page for False ‘Divorce XI’ Listing of Wasim Akram

Former Pakistan cricket captain and legendary fast bowler Wasim Akram has been falsely listed in…

5 hours ago