Sanjeev Pargal
JAMMU, Mar 18: As cyber terrorism assumed new dimensions, investigations have revealed that apart from SmeshApp, few more Apps had been used by the Pakistani hackers to steal data from computers and `Smart Phones’ of security forces in different States including Jammu and Kashmir.
The cyber experts, who have been conducting detailed investigations into the hacking of computers and `Smart Phones’ of security agencies, mainly the Army and some paramilitary forces, have identified Germany based Pakistani national, Sajid Rana, who originally hailed from Karachi, as the prime hacker, who executed the task of hacking computers and phones at the behest of Pakistani agencies, official sources told the Excelsior.
Saying that it was not only the SmeshApp, which had been used to steal data of security forces, sources pointed out that some more Apps too had been used for the similar purpose and they have been identified.
A fresh advisory issued by the Army has asked its officers and jawans not to download those Apps, which were being used for hacking the data of their officers and jawans. The Apps, according to sources, have been mentioned in the Advisory but their names haven’t been made public. They clarified that officers and jawans of security agencies have been adequately briefed or were being briefed on the Apps, which they shouldn’t download in any case.
Sources said that it was not only Pakistan but China had also benefited from the spy Apps, which the security personnel were lured to download through `honey traps’ and other means and then all kind of data including message, pictures and other information stolen from their mobile phones and computers.
Sajid Rana, who had developed SmeshApp, was reported to be a software engineer from Karachi but was presently based in Germany from where he used the modus operandi to steal the data. He was reported to have been provided requisite assistance by Pakistani spy agencies.
Investigations also revealed that the App was being used by ISI prior to the attack on Pathankot Air Force base on January 2 in which seven security personnel and six terrorists were killed.
As per the modus operandi, the security personnel were lured through fake Facebook profiles to download the App for chatting. Once the App was downloaded, it can then be used for tracking their movements.
“More than 12 Facebook profiles were used to lure soldiers into downloading the App, and over a dozen security personnel were unwittingly in touch with Pakistani handlers,” sources said.
“The SmeshApp spying scandal has a wide range of people who may have been involved in various attacks,” sources said, adding: “as the App will require software developers to create the applications, it just needs expert hackers who could hack into and can also take over the `Smart Phones’ and computers of the soldiers. Yet other experts would have been involved so as to collect and analyse the data from the hacked systems.
For instance, they pointed out, if the data, which is collected is being encrypted, experts will be required to decrypt it. Under the provisions of the IT Act, not only hackers themselves, but anyone with them to commit cyber terrorism will also be liable.
“This will also include hackers and other experts involved and also including the persons that have created the fake Facebook accounts,” sources said.
However, they added, if a person does not know why the App was being used for, then he will not be liable for cyber terrorism specifically. For cyber terrorism, these persons will then be punishable with imprisonment for life under the Information Technology Act. These persons will then be punishable under other Indian terrorism laws.