LAGOS, Nigeria (VOICE OF NAIJA)—India has cautioned its citizens about a sophisticated malware threat aimed at Android users, capable of compromising sensitive data and granting hackers control over infected devices.
The advisory was issued by the Controller General of Defence Accounts, a department within India’s Defense Ministry, in response to the discovery of the Remote Access Trojan known as DogeRAT.
This malware, initially brought to attention by the cybersecurity startup CloudSEK, primarily targets Android users in India and is distributed through social media and messaging platforms disguised as legitimate apps such as ChatGPT, Opera Mini, and even fake “premium versions” of YouTube, Netflix, and Instagram.
Once installed on a victim’s device, DogeRAT gains unauthorized access to sensitive data, including contacts, messages, and banking credentials, as stated in the advisory dated August 24.
The malware allows hackers to take control of infected devices, enabling them to send spam, initiate unauthorized transactions, manipulate files, capture photos and keystrokes, track the user’s location, and record audio.
While the source of the threat remains unknown, the advisory highlights an incident in which a group of cybercriminals used Telegram to distribute counterfeit versions of popular apps like ChatGPT, Instagram, Opera Mini, and YouTube.
The Defense Ministry has advised its departments and officials to avoid downloading apps from unverified third-party sources and clicking on links from unknown senders, and to keep smartphones updated with the latest software and security patches. They are also encouraged to install antivirus apps.
In a blog post in late May, CloudSEK noted that the open-source Android malware, based on Java, targeted users across various industries, including banking and entertainment.
The startup observed that while the campaign initially focused on Indian users, it had global aspirations.
The authors of DogeRAT demonstrated in a GitHub post that the malware campaign could be launched using a Telegram bot and an open-source NodeJS app hosting platform, according to CloudSEK researchers.
The advisory was first reported by the local outlet Moneycontrol.
As India experiences increased digitization, cybersecurity breaches have surged in the country, which is now the world’s second-largest internet market after China.
The Indian IT ministry reported a 171% increase in cybersecurity incidents affecting government departments, rising from 70,798 in 2018 to 192,439 in 2022.
One notable cybersecurity incident targeted India’s largest public medical institution, the All India Institute of Medical Sciences (AIIMS), in New Delhi last year.
A ransomware attack impacted five servers containing a total of 1.3 terabytes of data, as disclosed by the government in its response to the parliament in December.