Technology

NCERT Warns of Hackers Targeting Pakistanis through Android Apps

The National Computer Emergency Response Team (CERT) has issued a crucial advisory highlighting a surge in Advanced Persistent Threats (APTs) aimed at Pakistani officials through compromised Android applications. These malicious apps, available on the Google Play Store, are designed to discreetly siphon sensitive personal and financial data from users’ mobile devices after installation.

Upon installation, these applications can access and accumulate a vast amount of data, such as media files, contacts, calendar events, and message records, frequently without the explicit consent of the user. CERT’s findings are alarming in that they indicate that a portion of these applications have been employed to market Personally Identifiable Information (PII) of Pakistani citizens, thereby endangering the privacy and security of thousands.

The investigation conducted by CERT suggests that these hazardous applications are designed to appear as legitimate tools to persuade users to acquire them. They exploit these access rights to extricate private information undetected after permissions are granted, which raises significant concerns about financial fraud and identity theft. The threat to users’ security is further exacerbated by the fact that certain applications offer PII for sale on-demand, as reported in reports.

CERT’s advisory urges users to promptly eliminate suspicious applications by identifying several specific indicators of compromise (IOCs). The apps “Initial Test Preparation,” “Intelligence MCQs Test,” and “Pak eServices 2024,” which were developed by ITAppCoding, are among those that have been flagged for hazardous data practices. These applications exploit users’ trust by assuming the appearance of commonplace tools such as bill monitors or online purchasing portals, thereby obtaining extensive access to private data.

To counter this threat, CERT advises taking proactive measures, including verifying the identity of the app developers, carefully reviewing the permissions that the app is to be granted, and consistently reviewing the privacy policies to gain a comprehensive understanding of the data’s fate. Early threats should be identified by restricting permissions to only those that are essential, deploying Google Play Protect for a scan, and meticulously observing an application’s utilization to identify requests for vast amounts of data.

CERT strongly advises that individuals who have already installed these compromised applications uninstall them immediately and report the incident to the organization. To reduce the impact of a compromise, it is recommended that additional security measures be implemented, including the use of strong passwords, the implementation of multifactor authentication, and the regular backup of data. Additionally, it is recommended that users refrain from utilizing personal devices in sensitive environments and disable location services when not required.

CERT’s alert underscores the importance of vigilance and the need for users to take immediate action to safeguard their data against these emerging digital threats.

Sponsored
Tehniyat Zafar

Share
Published by
Tehniyat Zafar
    Sponsored

Recent Posts

Nvidia’s AI Chips Drive Massive 80% Revenue Growth

The latest earnings report from chipmaker Nvidia surprised Wall Street with a revenue increase of…

47 seconds ago

Tecno to Showcase Its Latest AI Product Ecosystem at MWC Barcelona 2025

As per GSMA’s official MWC Barcelona 2025 website and Tecno’s latest updates, the brand is…

8 mins ago

HBL Approves Rs2 Billion Investment in Microfinance Subsidiary

KARACHI: Habib Bank Limited (HBL) has announced a significant investment, approving up to Rs2 billion…

25 mins ago

Rajab Butt vs Umer Butt: Social Media Feud Turns Legal as Police Register Case

LAHORE: Popular YouTuber Rajab Butt and seven others have been booked for allegedly threatening TikToker…

1 hour ago

Hackers Can Secretly Track Any Bluetooth Device Using Apple’s Find My Network

Users may effortlessly locate their devices and accessories, including AirTag, through Apple's Find My network.…

2 hours ago

OPPO Find N5 Review: The World’s Thinnest Foldable, Packed with Power

Oppo set out with a clear goal when designing the Find N5: to create the…

2 hours ago