The Cabinet Division has issued an advisory on 133 malicious applications developed by hostile intelligence agencies to steal information.
According to the advisory issued by the cabinet division, the Government of Pakistan has updated the list of malicious applications involved in hacking and stealing information.
13 new malicious applications being used by hostile intelligence agencies for espionage have been identified. The newly identified applications are chat-cum-hacking apps, which are used to trap government officials to extract classified information through technical and blackmailing measures.
The cabinet division has sent a list of 133 malicious applications to government departments, ministries, and divisions and asked government officials to avoid using these applications.
The advisory asks anyone who accidentally installs such an application to immediately note down contact details (WhatsApp number/Facebook lD etc) of the suspected individual who shared the link for downloading the application for reporting the same to the CSO of their own organization and immediately switch off the infected mobile phone, remove battery & SIM and disconnect from the internet. It also recommends sharing the subject information of incidents with all persons and saved contacts for their security.
The advisory recommends government officials always check application permissions before installation of applications and install applications from Google/Apple Play Store only. It also advises regularly sensitizing the under command/civil staff about malicious actors’ tactics, techniques, and procedures; moreover, all personnel (officers/staff) be sensitized to refrain from engaging in activities that may lead to exploitation.
The advisory recommends installing and updating reputed antivirus solutions on Android devices like AVAST or Kaspersky. After installation, scan the suspected device with antivirus solutions to detect and clean infections. It also recommends reviewing the app details, number of downloads, user reviews/ comments, and the “ADDITIONAL INFORMATION” section before downloading and installing apps on Android devices.
The advisory asks individuals and government officials not to enable the installation of apps from “Untrusted Sources” in mobile settings and to install Android updates and patches as and when available from Android device vendors.
It also recommends abstaining from downloading or opening attachments in emails received from untrusted sources or unexpectedly received from trusted users and forwarding them to government officials.
The advisory also recommended avoiding using insecure and unknown Wi-Fi networks as hostile elements use Wi-Fi access points in public places for distributing malicious applications and use two-factor authentication on all internet Banking Apps, WhatsApp, social media, and Gmail Accounts. It also recommends training individuals and government officials about cyber security measures for personal smart appliances.