CYBER AND INFORMATION SECURITY LAB (CISL)

Espionage Campaign to Track Location of Strategic Sites

Inspired by the Soviet Union’s hybrid warfare techniques, India has been using a subtle propaganda strategy as well as cyber espionage techniques since it revoked Article 370 to end the special status of Indian-occupied Jammu and Kashmir. One can tune in to 92.7 BIG FM Jammu while driving from Lahore to Gujrat via GT Road during morning rush hours and learn about the history of Jammu and Kashmir that glamorises the Dogra rule.

But now, in the present political uncertainty where audio leaks were becoming common, the Indian cybersecurity company Innefu Labs (with alias Donot Team) released an app on the Google Play Store known as nSure Chat, which was projected as a secure communication platform with next-generation encryption techniques that can’t be broken by the government. Links to this app were sent only to high-profile politicians, journalists, scientists, and senior government officials. This app has now been removed from the Google Play Store following numerous reports. More than 3000 individuals were invited to download this app, but only around 100 chose to download it.

In the aftermath of the unfortunate May 9 incident, there was an increased demand for VPN apps for Android to access blocked social media websites. Taking advantage of this opportunity, the same cybersecurity firm released an app on the Google Play Store known as iKHfaa VPN under the flag of a fake company called SecurITY Industry. Fewer than 100 individuals were asked to download this app and around 10 personnel downloaded it.

The link to this app was again sent only to high-profile Pakistani government officials, scientists and military officials, as this was not a general-purpose espionage or ransomware mission. It mines the locations of Pakistani individuals even if GPS is turned off (especially unmarked places on Google Maps) and reads contact lists as well as messages and chats for confidential information.

The same company is also known to host malicious apps outside the Play Store at https://mrlockerapp.com, which are known to exhibit similar espionage behavior.

Timeline of Recent Hybrid Attacks (pre and post 9-May):
Company URL ikhfaavpn.com registered: May 03, 2023
First Espionage Weapon released (nSure Chat): May 03, 2023
Fake SSL certificate released: May 05, 2023
Second Espionage Weapon (iKHfaa VPN) Release Date: May 11, 2023
nSure Chat banned by Google: June 19, 2023
New Version Update on Google Play: June 20, 2023

Instructions for IT Management:
Please block the following URLs/IP addresses and port numbers:
Appnsure.com:4000
Appnsure.com:9090
Ikhfaavpn.com
mrlockerapp.com
193.149.176.226
playstoree.xyz
visited.buzz
mindestplay.buzz
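
A retrospective check to pair with the block list above, as an added example that is not part of the original advisory: it scans connection logs for internal hosts that have already contacted the listed indicators. The log format (timestamp, client, destination host, destination port) and the sample lines are assumptions constructed for illustration, and entries listed with a port are matched only on that port.

```python
# Indicators copied from the block list above; a port of None means "any port".
INDICATORS = [
    ("appnsure.com", 4000), ("appnsure.com", 9090),
    ("ikhfaavpn.com", None), ("mrlockerapp.com", None),
    ("193.149.176.226", None), ("playstoree.xyz", None),
    ("visited.buzz", None), ("mindestplay.buzz", None),
]

def matches(host, port):
    """Return the matching indicator as a string, or None."""
    # Normalise case and the trailing dot of a fully qualified name.
    host = host.strip().rstrip(".").lower()
    for ioc_host, ioc_port in INDICATORS:
        if ioc_port is not None and ioc_port != port:
            continue
        # Exact host, or a subdomain of it; look-alikes such as
        # "notvisited.buzz" do not match.
        if host == ioc_host or host.endswith("." + ioc_host):
            return ioc_host if ioc_port is None else f"{ioc_host}:{ioc_port}"
    return None

def hunt(log_lines):
    """Scan 'timestamp client dest_host dest_port' lines (assumed format)."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 4 or not fields[3].isdigit():
            continue  # skip malformed or truncated lines
        ts, client, host, port = fields
        ioc = matches(host, int(port))
        if ioc:
            hits.append((ts, client, ioc))
    return hits

# Constructed sample log lines, not real traffic.
SAMPLE_LOG = [
    "2023-06-21T09:14:02Z 10.0.4.17 api.Appnsure.com 4000",
    "2023-06-21T09:14:05Z 10.0.4.17 appnsure.com 443",
    "2023-06-21T09:20:41Z 10.0.7.3 193.149.176.226 8443",
    "2023-06-21T09:22:10Z 10.0.7.9 notvisited.buzz 443",
    "2023-06-21T09:25:33Z 10.0.2.8 IKHFAAVPN.COM. 443",
    "truncated line",
]

if __name__ == "__main__":
    for ts, client, ioc in hunt(SAMPLE_LOG):
        print(f"{ts} {client} contacted {ioc}")
```

Each hit names the internal client, so the device that installed one of the apps can be located and examined.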