The NIA (National Investigation Agency) has started an inquiry into the use of a fake Facebook profile through which various defense personnel were contacted and their devices hacked with malware to obtain personally identifiable information. The NIA suspects that the main account was being handled from Pakistan. The Vijayawada Counter Intelligence Cell first found the spying campaign in 2020, after which it registered a case under several provisions of the IPC, the Official Secrets Act, the Information Technology Act, and the UAPA (Unlawful Activities Prevention Act).
According to the allegation, confidential information related to national security was stolen by remotely deploying hidden malware onto electronic devices, including mobile phones and computers, belonging to defense personnel and other defense agencies, via a Facebook account with the profile name "Shanti Patel." The actors handling the account added the personnel concerned via private Facebook Messenger chats on the web.
The victims' devices were hacked using malware to gain unauthorized access to confidential data on computer resources and steal sensitive information, with the aim of carrying out acts of terrorism and threatening the unity, integrity, and sovereignty of India. As per the report from the Counter Intelligence Cell, the threat actors distributed the malware by sending the defense personnel a folder that contained photos of a woman. The evidence suggests that the malware originated somewhere in Islamabad. A similar case happened last year, when the police arrested army personnel in Rajasthan; the accused was posted in Sikkim.
The Hindu reports: "On October 31, 2020, following a tip-off from the Military Intelligence, the Rajasthan police nabbed one Ramniwas Gaura, a civilian working with a Military Engineering Services (MES) unit. The accused had been contacted using a Facebook profile by someone using pseudonyms Ekta and Jasmeet Kour. They then remained in touch on WhatsApp." "In recent years, multiple attacks targeting defense agencies using social media have surfaced. The handlers usually send money to the information providers through the 'hawala' channel. Several preventive measures have been taken by the agencies concerned," an official said, according to The Hindu.
An inquiry into mental health and prayer apps revealed a troubling lack of concern for user security and privacy. Last Monday, Mozilla published the findings of new research into these kinds of apps, which mostly deal with sensitive issues such as depression, anxiety, mental health awareness, PTSD, and domestic violence, as well as religion-based services. Mozilla's recent "Privacy Not Included" guide says that even though these apps handle personal information, they regularly share data, allow weak passwords, target vulnerable users with ads, and have poorly written and vague privacy policies.
Since December 1, Russian users have started reporting problems connecting to the Tor network, which is used to connect anonymously to the Internet.
State Duma deputies believe that restricting access to the Tor browser in Russia will make it possible to resist crime more effectively. The blocking process itself will be lengthy and difficult, but Roskomnadzor is improving its technologies.
"All over the world, there is a fight against the negative sides of the Internet: online fraud, the distribution of illegal content (child pornography), the sale of personal and payment data of users, the distribution of drugs and weapons," said Alexander Khinshtein, head of the State Duma Committee on Information Policy, Information Technology and Communications.
The parliamentarian recalled that Russia is working to combat cyber fraud systematically and quite effectively, and that a number of relevant laws have already come into force. Examples include blocking mobile phones on the territory of correctional institutions and blocking calls from abroad that use fake numbers disguised as Russian ones.
He also stressed that blocking the darknet is a necessary step towards creating a secure digital environment. According to him, the darknet is an obvious concentration of all the most negative, illegal things that exist in the real and digital world today.
In turn, Anton Gorelkin, the deputy chairman of the State Duma Committee on Information Policy, Information Technology and Communications, wrote in his Telegram channel that he welcomes the decision of Roskomnadzor to start blocking Tor. He added that 60% of Tor's costs are covered by funding from the US government.
The Tor developers themselves note that Russia ranks second in the world by number of browser users: it is used by more than 300 thousand Russians. "Blocking Tor will not hurt those who do not sell stolen personal and payment data of people, are not interested in child pornography and the purchase of drugs," Mr. Gorelkin stressed.
On December 1, users from Moscow began to report problems with access. It is claimed that Tor was blocked by Rostelecom. "On the night of December 3, several telecom operators, including Rostelecom, MTS, Tele 2 and others, reported network malfunctions," the OONI online censorship tracking project reported.
The expert noted that indirect signs, such as meta-information in packets, can be used to block Tor traffic. He added that access to Tor can also be blocked by blocking specific servers by IP address.
"So far, the use of 'bridges' helps <...>, but the lists of bridges are also quite public," Misbakh-Solovyov added. Bridges are anonymous user nodes that do not send information about their IP to the provider's servers. The developers claim that this connection method allows users to connect to the network even in countries where Tor is officially blocked.
Anton Gorelkin, deputy chairman of the State Duma Committee on Information Policy, Information Technologies and Communications, said that "the restriction of VPNs and anonymizers will have a positive impact on the Russian segment of the network. It will protect Russians from discursive content, all scammers. The founders of Tor, hiding behind a pseudo-liberal agenda, created a service that became an infrastructure for fraudsters, drug sales. This is the entrance to the darknet, where stolen databases and fraudulent schemes are concentrated. Blocking Tor is not only about protecting citizens from destructive content. Blocking will improve the network climate in general. On one side of the scale are some pseudo-liberal values, and on the other side — drug sales, destructive content, scammers."
In 2017, anonymizers and tools for bypassing blocks were banned in Russia. Since June 2021, Roskomnadzor has been blocking VPN services, arguing that their use preserves access to child pornography and to illegal information about drugs and extremism.