Fake Aadhaar Update APK File Causes Large-Scale WhatsApp Breach, Raising Mobile Security Concerns
A major Telangana WhatsApp breach caused by a fake Aadhaar update APK has triggered alerts statewide, highlighting rising cybersecurity threats, malware risks and the urgent need for stronger mobile security and cybercrime protection measures.
Tech Author
A massive cybersecurity incident in Telangana has sparked widespread concern, with many official WhatsApp groups related to cabinet ministers, top government officers, and journalists allegedly hacked. Early investigations indicate that hackers utilized a false SBI Aadhaar update notice to deceive customers into downloading a malicious APK file, allowing them to take control of the afflicted devices.
The intrusion began when customers got what appeared to be an urgent Aadhaar update message. The message contained a malicious APK file. When someone downloaded and opened it, the malware is thought to have obtained remote access to their phone, including their WhatsApp account and group controls. Several crucial groups, including ministers' official communication channels, media groups, the Chief Minister's Office (CMO) WhatsApp group, and the Deputy Chief Minister's group, are suspected of being compromised.
As screenshots and warnings circulated on social media, panic spread swiftly among government officials and journalists. Many users reported losing admin access to their groups, raising concerns about data theft, message misuse, and potential disclosures of sensitive information.
The Telangana Cyber Crime Police has already begun investigating the breach. Their main focus is on determining how many devices were compromised and protecting the affected WhatsApp groups. Officials are expected to issue a complete advisory once the scope of the attack has been determined.
Meanwhile, cybersecurity experts have issued severe caution to all WhatsApp users, particularly those managing government or sensitive communications. They warn consumers not to open any APK files provided via WhatsApp or SMS, to ignore unexpected Aadhaar or bank notifications, to enable two-factor authentication, and to report any unusual activity immediately. Experts noted that malicious APK files can secretly take complete control of a phone, making them extremely risky.
With the incident still under investigation, Telangana users have been advised to exercise caution. People are encouraged not to click on unexpected links, to avoid exchanging personal information, and to be alert until the malware has been completely isolated and systems secured. This incident emphasizes the growing need for enhanced mobile security, safer digital habits, and more awareness to prevent cyberattacks on government and public communication platforms.
Information referenced in this article is from News Meter
