The investigation ran by CNN-IBN revealed the SmeshApp in Google Play Store is a spyware app used to collect data from the Indian Army personnel. Google has now removed the app which was being used by Pakistan intelligence agencies. The crucial information about the troop movement and data about the counter terrorism operation was being obtained by the Pakistani agencies through this app.
The personal computers of soldiers were also infected due to this smartphone app as the virus made its way to various devices. The personal information in the hacked device could have been accessed by third party any time. This included phone logs, recordings, photos and texts in the memory. The reporters tracked down the location of the server which collected the data. The Germany based server was hosted by the man in Karachi.
The Indian Army is trying to take various steps to prevent leaks of information through mediums such as social media and messaging apps. The investigation also pointed out that the same app was used during the attack on Indian Air Force base at Pathankot in January 2016. The Pakistani handlers were getting access to important information regarding troop movements due to this.
The incidents of soldiers being honey trapped are also increasing. The Indian Army men are being lured by ISI, Pakistani Intelligence agency, through fake Facebook profiles of girls. Soldiers are sharing operational information with Pakistan through Facebook chats. Other branches of the armed forces are also affected due to this. The Central Industrial Security Force (CISF) and Border Security Force (BSF) have been targeted as well.
The army has already issued guidelines for the use of digital communication apps and social media after Pathankot attack. As per the guideline, the organization has advised soldiers not to disclose their rank and posting in the profile. Google has now removed the spyware app after the Indian army took notice of this.