How A Pakistani Spy Used Bots To Lure 98 Targets
She “trapped” her targets by showing her videos and pictures with the help of a software malware released from a third-party server hosted in a West Asian country
KANPUR/LUCKNOW: The Pakistani spy who went by the Facebook nickname ‘Sejal Kapoor’ managed to hack into the computer systems of more than 98 officials from various defence forces and organisations, including the Indian Army, Air Force, Navy, paramilitary forces and state police personnel in Rajasthan, MP, Punjab and UP between 2015 and 2018.
She “trapped” her targets by showing her videos and pictures with the help of a software malware released from a third-party server hosted in a West Asian country. She was involved in the case related to the leak of classified data on BrahMos missile in 2018. TOI has accessed her chats and the details of the malware called ‘Whisper’ used by her. Malware is an abbreviated form of ‘malicious software’ that is specifically designed to gain access to or damage a computer, usually without the knowledge of the owner.
Sejal’s FB account had cropped up following the arrest of BrahMos senior systems missile projects engineer Nishant Agarwal by the UP anti-terrorism squad (ATS) and military intelligence (MI) for passing on classified information about the project to Pakistan spy agency ISI.
Sleuths in UP Police and MI have now unearthed more than five dozen chats of this female spy. “Well install whisper n check your desktop icon, open it and send me the code, lets talk there” the Pak spy agent says in one of the chats.
“Waiting dude? Installed? After installing u will see Whisper icon on ur desktop. Just send me the code, then we will good to go. just unzip it. n click install. it’s a chat app dude In UK, we all use that (sic)” she adds.
“Nope, its restricted. Its getting restricted. Whenever am trying to install it.” an Indian official replies.
Besides ‘Whisper’, another spy application used by Sejal that has come to the fore is called ‘Gravity Rat’. Both work on stealth mode and have “self-aware” detection techniques which make them extremely difficult to be recognised by anti-malware programmes installed in computers.
“It’s a malicious communication app. It uses a malware command. A hacker can use as many as 25 internet addresses to mask her identity,” said a top intelligence official, closely monitoring the probe.
“Instantly, after getting downloaded, the malware first prompts the user to key in a code. It’s to ensure that the app is not a virus or malware. Immediately after that, it scans all latest attachments sent from the computer in emails or downloads. It then scans all files with photographs, databases of MS Word and MS Excel, by first verifying their encryption keys and then opening their passwords,” said a senior intelligence official.
Sejal states in her FB profile that she’s an employee of a firm called ‘Growth Company’ in Manchester, UK. Her chats also reveal she would “force install” Whisper on computers of officials from several organisations.
No comments:
Post a Comment