Indian authorities have issued a warning to the general public about a new form of malware that is being widely distributed via WhatsApp messages. The authorities have warned people against opening on WhatsApp messages purporting to originate from the National Defence Academy (NDA) and the National Investigation Academy (NIA) and clicking on the links that are included in the messages.
These two organisations are extremely popular in India, with members of the public being curious on learning about their operations. Observers note that the level of interest that Indians have towards these two institutions is one of the most crucial factors that are making is easy for the hackers to spread the malware as many people are likely to fall for the trap.
According to authorities, there is a sustained hacking campaign currently in progress in India. It appears that hackers have devised a simple way to spread a malicious program via fake WhatsApp messages.
Hackers are sending files that seem to be originating from the NDA or the NIA to unsuspecting users. The files, which are titled, ‘NDA-ranked-8th-toughest-College-in-the-world-to-get-into.xls’ and ‘NIA-selection-order-.xls,’ are primarily being distributed to people in India who use Android-based smartphones.
Once users click on the links included in the files, the malicious program executes, thus exposing users to the danger of losing their crucial log in details to websites and even bank account details.
India has been a popular destination for cheap smartphones that run on the Android platform for long. It has repeatedly been noted that this trend has presented both advantages and risks. As much as the trend has created a high level of internet penetration in the vast country, it has also created a good breeding ground for common hacking campaigns.
This recent attack comes at a time when organisations in India have been grappling with a growing trend of new hacking attacks. In the recent past, Indian authorities accused the Pakistani government of spying on Indian military personnel using SmeshApp, a popular app that runs on Android devices. Following the complaint, Google was forced to remove the app from its store for a while.
Recently, the Indian government accused Pakistani hackers of spying on Indian military personnel using sophisticated methods that relied on spoofed apps for games and music.
It is interesting to note that in the current case, Indian authorities have not pointed fingers but only asked people to be wary of the new type of malware.