Data theft allegations reaches PM Modi’s doorstep, French vigilante hacker’s stunning revelation

1

A French vigilante hacker has made a stunning revelation accusing Prime Minister Narendra Modi of having compromised the personal data of millions of Indians, who had downloaded his personal mobile app.

French

In a series of tweets, Elliot Alderson alleged that the personal data including emails, photos, genders and names of the users of Modi’s mobile app were being sent to a third party domain without their consent.

Alderson wrote, “When you create a profile in the official @narendramodi #Android app, all your device info (OS, network type, Carrier …) and personal data (email, photo, gender, name, …) are send without your consent to a third-party domain called http://in.wzrkt.com (sic)”

The French cyber security researcher’s next revelation was even more worrying as he alleged that the domain, where the data of PM Modi’s app users were being sent, was a phishing link, owned by a company G-Data. Phishing is usually designed to steal internet users’ usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. This microsoft link explains everything about phishing and what one should do to not fall victim to its fraud.

Alderson wrote, “This domain is classified as a phishing link by the company G-Data. This website is hosted by and the whois info are hidden.”

Anderson said that the the domain in question belonged to Clever Trap. He wrote, “After a quick search, this domain belongs to an American company called . According to their description, “ is the next generation app engagement platform. It enables marketers to identify, engage and retain users and provides developers.”

Anderson asked Modi what he thought of sharing the personal data of ‘your users without their consent to a third-party company.’

He wrote, ” @narendramodi, I know privacy is not your thing but any thoughts about sharing the personal data of your users without their consent to a third-party company?”

Alderson is the same person, who had flagged that digital payments company Paytm was asking its Android users for ‘root access’ to their phones which would have effectively given the company complete access to a user’s device. This led to Paytm to stop asking for the access.

Earlier in March this year, he had also flagged security lapses by government websites that were found to be leaking Aadhaar details. He had written, “Hi @UIDAI and @ceo_uidai, let me show you one of the “unscrupulous elements”. This governmental website is leaking 4769 files. In this open directory you can find biometric data, #Aadhaar card scans and more.”

Reacting to Alderson’s tweets, Congress party’s chief spokesperson, Randeep Surjewala, asked, “IT Minister will not do a press conference on the NaMo App on these allegations of Data Chori! Will the media dare to question Modi ji on the functioning of his App? Will the brain behind this “Data Usurpation” be summoned? What about the 15 Lakh NCC cadets & their privacy?”

Surjewala’s ’15 lakh NCC cadets’ jibe was in connection with media reports on how the Director General of NCC had directed units across India to ask their cadets to compulsorily download Modi’s mobile apps by submitting personal data. The directive had said, “Mid March has been fixed for inviting the questions, queries and suggestions from the cadets via Modi App directly to the PM. To this end, the first step is the nominal roll of all the cadets of your DTE (BN wise). The nominal roll should have the Ser No, Name, Mobile No, email ID and remarks.”

The revelation had prompted the social media users to launch #DeleteNaMoApp campaign on Twitter, where the topic remained a top trend all throughout Friday. On Friday, Janta Ka Reporter exclusively reported how the ministry of defence headed by Nirmala Sitharaman may have compromised the personal data of 50 lakh ex-servicemen.

 

Pizza Hut

1 COMMENT

  1. In country like in where quality is always compromised of software with L1 quote, least quote (free facility) this is what happens compromising Data security. Note that devloper of app will have easy access to data until unless it is protected by Non disclosure agreement (NDA) signed on paper

LEAVE A REPLY

Please enter your comment!
Please enter your name here