NIA initiates probe into malware attack on e-devices of defence personnel


The National Investigation Agency (NIA) has launched a probe into the use of a fake Facebook profile through which several defence personnel were contacted and their communication devices accessed using a malware for security sensitive information. The agency suspects that the account was being operated from Pakistan.

The Counter Intelligence Cell in Vijayawada first detected the spying operation in 2020, following which it registered a case under various provisions of the Indian Penal Code, Official Secrets Act, Information Technology Act and the Unlawful Activities (Prevention) Act.

As alleged, information related to national security was stolen by remotely injecting a concealed malware into the electronic devices, including mobile phones and computers, of the defence personnel and some others working in defence establishments through the Facebook account opened in the name of “Shanti Patel”. Those operating the account befriended the personnel concerned via private messenger chats on the Internet.

The targeted individuals’ gadgets were infected using the malware to “gain unauthorised access to the restricted data of the computer resources and to steal sensitive information with an intention to commit terrorist act and endanger the unity, integrity and sovereignty of India…”.

Malware originated from Islamabad

According to the First Information Report registered by the Counter Intelligence Cell, the suspects spread the malware by sending to the personnel a folder containing photographs of women. The prima facie evidence indicated that the malware had originated from somewhere in Islamabad.

In a similar case reported in March 2021, the police arrested an Army jawan in Rajasthan. The accused was posted in Sikkim.

On October 31, 2020, following a tip-off from the Military Intelligence, the Rajasthan police nabbed one Ramniwas Gaura, a civilian working with a Military Engineering Services (MES) unit. The accused had been contacted using a Facebook profile by someone using pseudonyms Ekta and Jasmeet Kour. They then remained in touch on Whatsapp.


In another case reported in September 2020, an MES employee named Mahesh was arrested in Rewari after he was…