Malicious Clones of Indian Army Apps Used in Espionage Campaign Targeting Army Personnel

Malicious clones of two Indian Army Android applications, ARMAAN and Hamraaz have been spotted in the wild. The clone apps are trojanized versions of legitimate applications used by the Indian Army to provide information and services to all ranks of the serving personnel. CloudSEK discovered the campaign in January 2022 and notified CERT Army. Subsequently, we continue to assist CERT Army with their investigations into the campaign.