Fake DigiYatra Apps Attacking Indian Users to Steal Financial Data

Listen to this Post

Featured Image
A sophisticated phishing campaign targeting Indian air travelers has emerged, exploiting the trusted DigiYatra brand to harvest sensitive personal and financial information from unsuspecting users. The malicious operation centers around a deceptive website at `digiyatra[.]in` that masquerades as the official government-backed digital travel platform while secretly collecting user credentials and personal data for fraudulent purposes.

🔗 Source: Cyber Security News

You Should Know:

How to Detect & Avoid Fake Apps

1. Verify Official Sources

  • Only download apps from the Google Play Store or the official DigiYatra website.
  • Check the developer name (e.g., DigiYatra India).

2. Check App Permissions

  • Use `adb` (Android Debug Bridge) to analyze app permissions before installation:
    adb shell dumpsys package <package_name> | grep permission
    
  • Legitimate apps won’t request unnecessary permissions like SMS access or call logs.

3. Detect Malicious APKs

  • Use VirusTotal to scan suspicious APKs:
    curl -X POST https://www.virustotal.com/vtapi/v2/file/scan --form apikey=<API_KEY> --form [email protected]
    
  • Analyze APK metadata with Apktool:
    apktool d fake_digiyatra.apk -o output_dir
    

4. Phishing Website Detection

  • Use whois to check domain registration:
    whois digiyatra.in
    
  • Verify SSL certificates with OpenSSL:
    openssl s_client -connect digiyatra.in:443 | openssl x509 -noout -text
    

5. Enable 2FA & Monitor Accounts

  • Use Google Authenticator or Authy for 2FA.
  • Check breached credentials with Have I Been Pwned:
    curl -s "https://haveibeenpwned.com/api/v3/breachedaccount/<email>" -H "hibp-api-key:<API_KEY>"
    

Linux & Windows Commands for Cybersecurity

  • Check Running Processes (Linux):
    ps aux | grep -i digiyatra
    
  • Block Malicious Domains (Windows):
    Add-Content -Path "C:\Windows\System32\drivers\etc\hosts" -Value "0.0.0.0 digiyatra.in"
    
  • Network Traffic Analysis (Linux):
    tcpdump -i eth0 -w digiyatra_traffic.pcap
    

What Undercode Say

Fake apps and phishing campaigns will continue evolving, leveraging AI-generated deepfake voices and cloned government portals. Always:
– Use sandbox environments (docker run --rm -it ubuntu bash) to test suspicious apps.
– Monitor app behavior with Wireshark and Frida.
– Report fake apps to CERT-In (India’s cybersecurity agency).

Prediction

Cybercriminals will increasingly impersonate government apps in India, targeting Aadhaar, banking, and travel data. Expect more fake UPI, IRCTC, and DigiLocker apps in 2024-25.

Expected Output:

Fake DigiYatra Apps Attacking Indian Users to Steal Financial Data 
- Detection: adb, VirusTotal, Apktool 
- Prevention: 2FA, domain blocking, traffic analysis 
- Future: AI-driven govt app impersonation 

References:

Reported By: Omar Ahmed – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram