Latest news with #APK
Hans India
3 days ago
- Hans India
SP warns public against clicking on APK file links
Kurnool: District Superintendent of Police, Vikrant Patil on Tuesday issued a stern warning to the public not to click on or download APK (Android Application Package) file links being circulated through WhatsApp, Telegram, Instagram, SMS, and other platforms. He stated that cybercriminals are employing new tactics to deceive users, and opening such links could result in immediate hacking of WhatsApp and mobile phones, leading to severe financial and personal losses. Explaining the modus operandi through a press release on Tuesday, SP Vikrant Patil said cyber fraudsters are sending malicious APK links disguised as delivery updates, refund links, digital KYC updates, bank rewards, E-challans, PM Kisan documents, and free gift offers. Once a user downloads and installs these files, the app requests access to sensitive permissions like SMS, contacts, storage, call logs, and notifications. With this access, the criminals can completely control the phone, steal OTPs, banking details, and even siphon money from accounts. In more serious cases, the fraudsters gain access to a user's phone camera and microphone, collect personal data such as videos and audio recordings, and use them for blackmail. Vulnerable groups like the elderly, people with disabilities, students, unemployed youth, farmers, and online shoppers are being particularly targeted in these attacks. SP Patil urged the public to be extremely cautious and avoid interacting with any unknown or suspicious links. The district police advise everyone to only download apps from trusted platforms like the Google Play Store, review app permissions carefully, never share banking or UPI credentials, and uninstall suspicious apps immediately. Victims of such frauds should call the National Cyber Helpline at 1930, file a complaint at or report to the nearest police station.
Hans India
18-06-2025
- Hans India
DGP urges people to be cautious about cyber crimes
Vijayawada: With the rapid expansion of internet usage in the digital era, cyber crimes are also increasing at an alarming rate, said DGP Harish Kumar Gupta. He said that cyber attacks on personal information, banking details, and social media accounts have become very common these days and emphasised that every individual should be aware of cyber crimes. Gupta said cyber crimes can be curbed when every individual becomes aware of cyber safety, refrains from clicking on suspicious links, avoids responding to unknown calls, and never shares banking or personal details. In a press release on Tuesday, the DGP said in recent times social media accounts are frequently receiving APK (Android Package) files from unknown mobile numbers and groups — examples include: PM KISAN YOJANA No ICICI Bank Credit Card SBI Some of these APK files contain malware, spyware, or Trojan codes. When users unknowingly click on these APK files, personal information such as bank account details, passwords, contacts, messages, gallery files, etc., gets stolen from their phones and falls into the hands of hackers, the DGP warned. He said these cyber criminals not only empty the victim's bank accounts with a single click but also resort to blackmail using the stolen personal data. Some malicious apps are even capable of stealing OTPs received via SMS. The DGP narrated a recent incident in which the cyber criminals stole Rs 94,000 from SBI customers. He said recently a farmer from Kanaganapalli area in Sri Sathya Sai district received a fake APK file on WhatsApp with name of PM Kisan Yojana. Assuming it was an official app, the farmer downloaded it, which led to cyber criminals stealing Rs 94,000 from his SBI bank account. He suggested that the people to install proven antivirus/mobile security applications such as Avast, Norton, Bitdefender, etc., He said people should be cautious while using banking apps, and only conduct transactions through official banking applications. He further urged that anyone who falls victim to cyber crime should immediately call the helpline number 1930 or file a complaint at
Mint
12-06-2025
- Entertainment
- Mint
Aamir Khan found Shah Rukh Khan's Swades ‘boring', reveals why he rejected it
Bollywood's Mr Perfectionist, Aamir Khan, said he found filmmaker Ashutosh Gowariker's 'Swades', starring Shah Rukh Khan, 'very boring' and revealed that he was first offered the 2004 film. In a viral clip from an interview with Zoom, Aamir said he said 'no to Swades,' because 'I found it very boring.' He shared that Ashutosh had first pitched the movie, initially titled 'Kaveri Amma', during the shoot for the 2001 blockbuster Lagaan. 'Ashu narrated the story to me when we were making Lagaan. It was titled Kaveri Amma then,' the actor said, adding that he had liked the story 'very much' at the time, and had decided to take it up next. Soon after Lagaan was released, the filmmaker began working on the script of Swades, an Aamir Khan Productions (APK) film. 'After Lagaan was released, we made Ashu sit with a writer. AKP was producing it,' said Aamir. Aamir Khan said the three-hour narration for Swades bored him so much that he rejected the movie. 'When the story was ready, Ashu narrated it to me. It was a three-hour-long narration,' he said. Sharing his honest review with the filmmaker, the actor said that he told Ashutosh that he got bored. 'I told him, 'Mai bore ho gya hu. It's very important for you to hear this reaction'.' He also told Ashutosh that what he is trying to say through the script 'is very correct, noble, and important', but 'itne boring tareeke se kahega toh mujhe maza nhi aaega.' 'Baki log ka mujhe pata nhi, lekin mai bore ho gya hu,' Aamir said, adding that he suggested the filmmaker to make it more interesting. Aamir Khan also shared that he has never watched Swades; however, he said he trusts that Ashutosh Gowariker must have turned it into a masterpiece. He also mentioned that the audience loved Shah Rukh Khan's work in the movie. Swades is still regarded as one of King Khan's finest films to date. 'I've actually not seen the film yet. Maybe he'd have corrected it and people would've liked it then. I did note that people loved Shah Rukh's work in it,' said the actor.
Time of India
09-06-2025
- Time of India
Delhi Police arrests techie-turned-fraudster for credit card scam
NEW DELHI: A 24-year-old techie was arrested for allegedly developing a mobile application used to defraud people on the pretext of increasing their credit card limit, police said on Sunday. The BCA dropout turned APK developer was identified as Jay Kishan alias Rishab, a resident of Ghaziabad. He was arrested in neighbouring Noida following a raid, they said. Police said the arrest was made during the follow-up investigation of a cyber fraud case reported in March this year. Eight people, including five women, were earlier held in the case. "Jay Kishan was the technical mastermind behind the fake app used in scams. He has a background in app and website development and previously worked as a general manager in a private firm," DCP (Outer) Sachin Sharma said. Two mobile phones and a laptop used in the crime were seized. Stay informed with the latest business news, updates on bank holidays and public holidays . AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Indian Express
25-04-2025
- Indian Express
Over 25 mn devices at risk: What is FatBoyPanel, the new malware targeting Indian users?
A dairy businessman, 44, from Dharashiv, received a WhatsApp call from someone posing as a bank official. The caller warned him that his account would be suspended unless updated immediately. When the victim panicked and asked how this issue could be resolved, the 'official' offered a simple solution – downloading a 'banking application,' the link of which would be shared on WhatsApp. The link reached him, and the victim downloaded the Android Package Kit (APK) file and installed it. What followed was 26 rapid transactions that drained his entire bank account. A sophisticated, malicious piece of software, called malware, was the reason. This isn't an isolated case. In recent years, scammers have increasingly targeted users through APK files laced with malicious software that hijack devices. This week, we take a closer look at one such malware: FatBoyPanel. What is malware? Malware, short for 'malicious software', refers to intrusive programs designed by cybercriminals to steal data or damage systems. Common types include viruses, worms, Trojans, spyware, adware, and ransomware. Recently, in a blog post on the website of Zimperium, a tech company that provides AI-driven mobile security that protects devices and apps from phishing, malware, and zero-day threats, the company said that their research team has identified a malware that steals from the Indian bank accounts: FatBoyPanel. What is FatBoyPanel? Nico Chiaraviglio, chief scientist at Zimperium, told that FatBoyPanel is a mobile-first banking trojan that has been discovered across nearly 900 different applications, primarily targeting Indian users. The attack begins with social engineering: scammers pose as officials or trusted entities and approach users via WhatsApp. They then send a malicious APK, encouraging the user to install it. Once installed, the app gains access to sensitive data and steals one-time passwords (OTPs) to execute unauthorised transactions. 'FatBoyPanel is mobile-first, optimised for Indian banking apps, and even supports real-time session hijacking. That makes it especially dangerous in the hands of low-skilled attackers,' said Akshat Khetan, a cyber-legal expert and founder of AU Corporate Advisory and Legal Services (AUCL). What distinguishes this malware? 'It uses a centralised command structure that controls multiple variants across campaigns, abuses live phone numbers for OTP redirection, and has exfiltrated data from over 25 million devices. This makes it far more organised and dangerous than traditional banking trojans. It is also a new banker trojan that shows constant evolution of threat actors,' Chiaraviglio said. The malware requests permission to read SMS messages, enabling it to capture OTPs and bypass two-factor authentication in real time. 'It hides its icon after installation and disables Google Play Protect, allowing it to stay hidden and maintain access,' Chiaraviglio said. 'Once permissions are granted, it embeds itself into the system and communicates with its control panel,' Khetan said, Breach fueled by social engineering The attackers pose as government agencies or trusted services, sending fake APKs via WhatsApp. This social engineering drives up installation rates,' Chiaraviglio said. He also shared some numbers: Over 1,50,000 stolen messages were found on the attacker panel, with more than 25 million compromised device records, highlighting the massive scale of this breach. 'The breach exposes how easily users can be manipulated into side-loading apps and how SMS-based OTPs remain a weak link, especially in regions relying on them for banking authentication,' he said. Pavan Karthick M, threat researcher III at CloudSEK, said, 'This campaign, active since late 2023, uses consistent infrastructure across all samples–FatBoyPanel. It's part of a growing trend where everyday platforms host Command and Control (C2) servers, giving cybercriminals both scalability and operational cover.' Khetan elaborated on how the malware acts: 'Once deployed, the malware can intercept SMS-based OTPs, log credentials and perform keylogging. It may also use Accessibility Services to perform actions on behalf of the user such as initiating fund transfers within banking apps. In some cases, attackers use remote access tools (RATs) embedded in the payload to execute transactions manually from the victim's device, bypassing traditional fraud detection mechanisms. How to protect yourself – Avoid sideloading APKs: Only use official app stores. – Enable Google Play Protect: Keep it on to scan for harmful apps. – Use mobile security software: Opt for real-time threat detection. – Verify app sources: Never trust unknown or unofficial links. – Check app permissions: Avoid granting SMS, call, or gallery access to unverified apps. Some malware can even delete itself to avoid detection, making user vigilance critical. 'To better protect users, banks must move away from SMS-based OTPs and embrace stronger multi-factor authentication. In-app protections and local-language awareness campaigns are also key,' Chiaraviglio said. The Safe Side As the world evolves, the digital landscape does too, bringing new opportunities—and new risks. Scammers are becoming more sophisticated, exploiting vulnerabilities to their advantage. In our special feature series, we delve into the latest cybercrime trends and provide practical tips to help you stay informed, secure, and vigilant online.
