India-Pakistan
Information Warfare: Pakistan Pushes Poisoned Apps
2018-06-21
[StrategyPage] A group of Pakistani hackers, who specialize in surveillance software for parents to track their children (or a spouse), was apparently hired by the Pakistani intelligence agency (ISI, or Inter Service Intelligence agency) to create spyware versions (Stealth Mango for Android and Tangelo for iOS) and then help distribute them to some key government officials and civilians in Afghanistan, India, Iraq, Iran, the United Arab Emirates and Pakistan using Facebook Messenger. This approach uses a lot of “social engineering” as the hackers must contact the target individuals and persuade them to download an app that pretends to be something other than spyware. Most targeted individuals are either not interested or don’t trust the offer. The most secure (resistant to this spyware) cell phone was the iPhone, and the spyware would only work on the small number of iPhones that had been modified (“jailbroken”) to run apps that did not come from the Apple App Store. As usual, the Android phones were much more vulnerable. In any event, it appears that only about a dozen people were persuaded to install the app. That, it turned out, was enough key people to collect a lot of important data.

The Stealth Mango/Tangelo effort was another intelligence-gathering operation that, in this case, collected a lot of sensitive data about American and Australian military and diplomatic activities. Collecting and transmitting the data (without the phone owner being aware) was how Stealth Mango/Tangelo was discovered (by an Australian Internet security company) in early 2018. Stealth Mango/Tangelo needed a lot of permissions on the infected phone in order to work and mostly went after data (documents and photos) as well as messages, location and contact lists. At least 40 GB of material was stolen from the infected phones by the hackers before Google and Apple were informed and victims were notified and the spyware was disabled. But it will be back. Actually, this sort of spyware has been around for quite a while and the latest ISI use of it was just another example.

Moreover, this sort of thing is not unusual for the ISI as Pakistan and India have been using the Internet to spy on each other for decades. Even before the Internet became widely available in the late 1990s there was an ongoing "war" between Indian and Pakistani hackers. Most of this has been little more than vandalism (defacing web pages and the like), but there have been some more serious hacks. It was these nationalistic hackers

Another fun fact is that Pakistan has always had the largest software developer and hacker community of any Moslem country. Early on, Pakistan developed a large, and growing, software development industry of its own. In fact, the first known computer virus, the "Brain Virus", was written by Pakistani programmers in the late 1980s. "Brain" was created to help protect software that a Pakistani firm had created and was selling from pirating (illegal copies). But, instead, the Brain virus got out of control, and the rest is history. Pakistan has a lot of homegrown talent for its computer crime operations, and the ISI, to recruit from.
Posted by: 3dc
