Govt ordered quick probe into voter data theft: CM Bommai; Congress blames BJP
Bengaluru, Nov 19: Karnataka Chief Minister Basavaraj Bommai on Saturday said the government promptly initiated a police inquiry into the alleged theft of voter data. Bommai said this after the Congress began attacking him and demanding his resignation over the case. The Chief Minister told the Karnataka High Court to take up the case on its own. The BJP government said the probe should be initiated by a sitting judge.
"They (Congress) keep demanding judicial inquiry by a sitting judge. When they were in power, they had once ordered a judicial inquiry by a sitting judge into the Bangalore Development Authority case which helped them come clean, so they keep demanding," Bommai said.
"We quickly booked a criminal case and ordered a police inquiry into the case. Yesterday (Friday), a search was made and today the person was arrested. Further steps will be promptly taken," he told reporters in Mangaluru, over 370 km from here.
Meanwhile, Congress's Karnataka unit lodged a fresh complaint with the chief electoral officer Manoj Kumar Meena alleging that electoral fraud, malpractice, and manipulation of voters' list was done by the Chief Minister, State Higher Education Minister Dr C N Ashwath Narayan, the district election officer and chief commissioner of the Bengaluru Bruhat Mahanagara Palike (BBMP) Tushar Girinath and the directors of Chilume Trust.
Later, the State Congress president D K Shivakumar alleged that the Chilume Trust, which is in the middle of the controversy, has the password of the electoral roll software, which should remain only with the BBMP officials.
He charged the BJP government with involvement in the scam. "I appeal to the Chief Justice of the Karnataka High Court with folded hands on behalf of the voters of Karnataka to take up on the own, just as you intervened during the deaths due to oxygen shortage," Shivakumar told reporters after submitting a complaint to the chief electoral officer of Karnataka Manoj Kumar Meena.
The Congress's State chief alleged that a note-counting machine and a letterhead of a BJP leader were found at Chilume's office, which police raided after getting the complaint.
"When it was a not-for-profit organisation, how come there was a note-counting machine? Is black money being converted into white?" he sought to know.
At a press conference, the Congress national general secretary and Karnataka in- charge Randeep Singh Surjewala alleged Chief Minister was the kingpin of the scam.
"The VoterGate or voter data theft scam has exposed Basavaraj Bommai as the real kingpin," he said.
He said he sought to know why no FIR has been lodged against the Chief Minister who is in- charge of the Bengaluru city and the Bruhat Bengaluru Mahanagara Palike Chief Commissioner Tushargiri Nath.
The Congress general secretary wondered why a booth-level officer, appointed by Chilume Trust, was booked when he was a whistle-blower.
He aid Bommai termed the charges against him as baseless, but then a case was registered in this connection.
"Tell me which police officer has the power, audacity or authority to investigate into an FIR allegations of which were rejected by his own Chief Minister? Can the officer go against the Chief Minister. And what is the use of a farcical probe that Bommai says he is conducting," Surjewala said.
The Congress leader sought to know also as to who funded Chilume Trust to hire so many people to collect voter data across the city.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
TraceX Guard Strengthens National Safety Against Mobile Cyber Threats
India is witnessing a sharp rise in trojanised Android APK scams, as cybercriminals increasingly exploit fake government, banking, LPG, challan, and welfare scheme apps to seize full remote control of victims’ smartphones.
Cybersecurity investigators warn that attackers are now widely deploying Remote Access Trojan (RAT) malware, often powered by leaked builder kits such as CraxsRAT and heavily modified custom payload frameworks. Once installed, these malicious APKs can convert an ordinary Android phone into a fully controlled fraud device, enabling silent surveillance, banking theft, and mass scam propagation.
These malware campaigns are primarily being distributed through WhatsApp, Telegram, SMS phishing links, and fake APK download websites, where users are tricked into installing apps disguised as:
- e-Challan apps
- SBI KYC verification tools
- PM Yojana portals
- mParivahan clones
- LPG booking apps
- fake adult video call apps
As the scale of the threat intensifies, cybersecurity startup TraceX Labs has introduced TraceX Guard, positioning it as a frontline mobile defence platform against APK fraud, RAT infections, QR scams, and malicious permission abuse.
Fear-Based Social Engineering Behind the Surge
According to investigators, these frauds typically begin with panic-driven social engineering messages sent over WhatsApp or Telegram.
Common bait messages include:
- Your traffic challan has been issued
- Your SBI KYC is pending
- PM Yojana verification required
- Your LPG cylinder booking failed
- Your bank account will be blocked
These alerts often include fake challan numbers, vehicle details, Aadhaar-linked references, or forged bank notices, creating a sense of urgency that pushes victims to install the malicious APK without verification.
One of the most dangerous variants currently in circulation is a fake mParivahan-style application, which closely mimics India’s legitimate transport services interface while secretly embedding a hidden RAT payload.
How the Malware Takes Over Smartphones
Once installed, the malicious APK immediately requests dangerous permissions, including:
- Accessibility access
- SMS permissions
- Call logs
- Notifications
- File storage
- Battery optimization exemptions
Security researchers say Accessibility Service abuse remains the most critical attack vector, allowing the malware to silently:
- read screen contents
- detect banking and UPI apps
- auto-click Allow / Confirm / Pay buttons
- capture OTPs
- launch hidden overlays
- navigate banking sessions
- trigger silent fund transfers
Because these actions occur directly on the victim’s trusted device, attackers are often able to bypass traditional fraud detection systems.
Within minutes, victims may lose control over:
- bank balances
- UPI wallets
- Aadhaar and PAN scans
- contact lists
- personal photos and media
- incoming calls
- SMS OTPs
In many cases, the malware also self-propagates by forwarding malicious APK links through the victim’s own WhatsApp groups and Telegram chats, triggering a chain infection effect across trusted social circles.Fake RTO Challan APKs Become the Most Dangerous Variant
Among the most active campaigns, fake RTO challan APK scams have emerged as one of the most financially destructive.
Victims are first lured into paying a ₹1 “verification fee”, after which the malicious app requests highly sensitive information such as:
- card number
- expiry date
- CVV
- UPI PIN
- net banking credentials
- even ATM PINs
Cybersecurity experts stress that no legitimate government payment system ever asks for an ATM PIN inside an app, making this an immediate red flag.
Once payment details are entered, the embedded RAT intercepts OTPs and silently completes unauthorized transactions.
India’s Mobile Fraud Crisis Reaches Critical Levels
Investigators estimate that more than 70% of reported cyber fraud cases in India now originate from mobile devices, with millions of complaints linked to:
- malicious APKs
- phishing URLs
- QR scams
- RAT droppers
- banking session hijacks
- WhatsApp fraud chains
The impact is particularly severe across Tier-2 and Tier-3 regions, where smartphone adoption has expanded faster than awareness around:
- APK sideloading risks
- dangerous permissions
- fake banking overlays
- accessibility abuse
- WhatsApp APK scams
This has effectively turned Android smartphones into the primary battlefield of India’s financial cybercrime ecosystem.
TraceX Guard Introduced as a Real-Time Defence Layer
In response to this rapidly evolving threat landscape, TraceX Labs has launched TraceX Guard, an AI-powered multilingual Android security suite built specifically for India’s APK fraud ecosystem.
The platform offers:
- real-time APK scanning
- malicious permission detection
- hidden app discovery
- RAT behaviour monitoring
- QR & phishing URL safety grading
- OTP and SIM fraud alerts
- Wi-Fi hotspot verification
- ransomware defence
- India-specific scam intelligence feeds
- support for 10+ regional languages
Its offline-first AI architecture allows users to scan threats without uploading personal data, making it especially useful for privacy-conscious users and low-connectivity regions.
TraceX Labs says the system is specifically trained to detect patterns used in:
- fake challan scams
- counterfeit SBI APKs
- PM Yojana malware
- wedding invitation APK attacks
- honey-trap adult apps
- Telegram-based RAT droppers
From Phishing to Malware-Driven Financial Warfare
Cybersecurity analysts say this marks a major shift in India’s digital threat landscape.
What once began as simple phishing links has now evolved into malware-driven financial warfare at scale, where a single infected smartphone can silently compromise:
- families
- WhatsApp groups
- banking accounts
- local communities
- social trust networks
With losses from mobile-first fraud already running into tens of thousands of crores, experts believe the future of cyber defence will increasingly depend on preventive mobile security tools capable of stopping unsafe APKs before installation.
In that battle, TraceX Guard is emerging as one of the most important first lines of defence for India’s digital users.
Download Now : https://play.google.com/store/apps/details?id=com.tracexlabs.guard
