NEW DELHI: An alleged hacking group from Pakistan, known as the “Transparent Triber,” is reportedly using deceptive and malicious applications to target Android users in India. SentinelOne, a cybersecurity firm, has identified these applications, resembling YouTube, as a means for the group to disseminate the CapraRAT mobile remote access trojan (RAT).
According to SentinelOne, the CapraRAT toolset has been utilized for surveillance activities against spear-phishing targets, particularly those involved in affairs concerning the disputed region of Kashmir and human rights activists focusing on Pakistan-related matters.
The “Transparent Triber” hacker group has a history of targeting diplomatic and military personnel in both Pakistan and India. Cybersecurity researcher Alex Delamotte describes CapraRAT as an invasive tool granting hackers control over nearly all data on an Android smartphone.
“Transparent Tribe is a persistent actor with discernible patterns. Their relatively low operational security level allows for quick identification of their tools,” mentioned Delamotte.
“Individuals and organizations involved in diplomatic, military, or activist affairs within the India and Pakistan regions should assess their defence against this group and its threats,” he further added.
CapraRAT is an Android framework that conceals RAT features within another application. These applications are not accessible on the Google Play Store, compelling hackers to entice users into sideloading them onto their devices.
Transparent Tribe hackers disseminate these counterfeit Android apps through self-operated websites.
The group recently targeted the Indian education sector. In an earlier incident this year, they distributed CapraRAT Android apps disguised as a ‘dating service,’ carrying out spyware activities.
How Do These Apps Target Android Users?
-Gain access to and record using the phone’s front and rear cameras.
-Collect data on multimedia, SMS content, and call logs.
-Block incoming messages and send SMS messages.
-Make phone calls.
-Modify the phone’s file system using the file manager.
List of Malicious Apps:
Users are strongly advised to refrain from downloading or installing these apps to ensure their safety.