Inquiry ordered into alleged voter data theft after apprehension of impersonation: K'taka CEO Meena
Bengaluru (PTI): In the midst of Congress party's allegations of voter data theft, Chief Electoral Officer of Karnataka Manoj Kumar Meena said the inquiry was ordered following apprehension of impersonation by an NGO during the voter awareness drive'.
"The Bruhat Bengaluru Mahanagara Palike (BBMP) commissioner had some information. We have the apprehension that there is impersonation and it has to be inquired. Ultimately, after the police investigation and our Divisional Commissioner inquiry, we will come to know what is there in it," Meena told PTI.
The Congress in Karnataka has alleged that the Chilume Educational Cultural and Rural Development Institute ( Chilume Trust') hired many private people who were given fake identity cards impersonating Booth Level Officers (BLOs) of BBMP.
The opposition party alleged that the private trust, which was assigned by the Bengaluru civic agency to spread awareness among voters, collected details of the voters such as name, mother tongue, gender, religion, caste, voter ID number and the Aadhaar number.
Meena declined to comment on the complaint by the Congress with the State Election Commission regarding the voter data theft.
He said the reason behind the suspected impersonation will come out only after the probe.
"Let's wait for the inquiry. If I comment anything, it will compromise the inquiry. We will not say about the merit of the complaint. The regional commissioner is entrusted with the inquiry. Let the truth come out. Then we will take action as per the recommendation," the CEO said.
The Congress alleged that the Chilume Trust also fed the information collected from voters into its private app.
To a question whether his office would revisit the deletion of 6.73 lakh names from the electoral roll in Bengaluru following the "revelation", he said addition and deletion are a regular process and there was no need to revisit it again.
According to Meena, in the city 6.73 lakh names were deleted and about three lakh new names added to the electoral roll.
He added that the Election Commission of India carried out a major exercise to find out "photo-similar" entries in the electoral roll using a software in the country.
Using the software, 16 lakh entries were deleted from the electoral roll from across Karnataka including 6.73 lakh from Bengaluru after the verification by the BLOs.
According to him, about one crore such entries were deleted including around 15 lakh in Tamil Nadu and 14 lakh in Maharashtra.
On the Congress' charge that the directors of the Chilume trust, which is in the middle of the controversy, have not been named in the FIR, Meena said the NGO has been mentioned in it, which itself means that those heading the organisations have been named.
The BBMP had given permission to the Chilume Trust to conduct 'Systematic Voters Education and Electoral Participation (SVEEP), a voter awareness drive by the Election Commission, in Karnataka, where Assembly elections are due next year.
BBMP said last week that the Trust violated the conditions of the permission and asked the public not to share any voter details with representatives of the NGO.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
TraceX Guard Strengthens National Safety Against Mobile Cyber Threats
India is witnessing a sharp rise in trojanised Android APK scams, as cybercriminals increasingly exploit fake government, banking, LPG, challan, and welfare scheme apps to seize full remote control of victims’ smartphones.
Cybersecurity investigators warn that attackers are now widely deploying Remote Access Trojan (RAT) malware, often powered by leaked builder kits such as CraxsRAT and heavily modified custom payload frameworks. Once installed, these malicious APKs can convert an ordinary Android phone into a fully controlled fraud device, enabling silent surveillance, banking theft, and mass scam propagation.
These malware campaigns are primarily being distributed through WhatsApp, Telegram, SMS phishing links, and fake APK download websites, where users are tricked into installing apps disguised as:
- e-Challan apps
- SBI KYC verification tools
- PM Yojana portals
- mParivahan clones
- LPG booking apps
- fake adult video call apps
As the scale of the threat intensifies, cybersecurity startup TraceX Labs has introduced TraceX Guard, positioning it as a frontline mobile defence platform against APK fraud, RAT infections, QR scams, and malicious permission abuse.
Fear-Based Social Engineering Behind the Surge
According to investigators, these frauds typically begin with panic-driven social engineering messages sent over WhatsApp or Telegram.
Common bait messages include:
- Your traffic challan has been issued
- Your SBI KYC is pending
- PM Yojana verification required
- Your LPG cylinder booking failed
- Your bank account will be blocked
These alerts often include fake challan numbers, vehicle details, Aadhaar-linked references, or forged bank notices, creating a sense of urgency that pushes victims to install the malicious APK without verification.
One of the most dangerous variants currently in circulation is a fake mParivahan-style application, which closely mimics India’s legitimate transport services interface while secretly embedding a hidden RAT payload.
How the Malware Takes Over Smartphones
Once installed, the malicious APK immediately requests dangerous permissions, including:
- Accessibility access
- SMS permissions
- Call logs
- Notifications
- File storage
- Battery optimization exemptions
Security researchers say Accessibility Service abuse remains the most critical attack vector, allowing the malware to silently:
- read screen contents
- detect banking and UPI apps
- auto-click Allow / Confirm / Pay buttons
- capture OTPs
- launch hidden overlays
- navigate banking sessions
- trigger silent fund transfers
Because these actions occur directly on the victim’s trusted device, attackers are often able to bypass traditional fraud detection systems.
Within minutes, victims may lose control over:
- bank balances
- UPI wallets
- Aadhaar and PAN scans
- contact lists
- personal photos and media
- incoming calls
- SMS OTPs
In many cases, the malware also self-propagates by forwarding malicious APK links through the victim’s own WhatsApp groups and Telegram chats, triggering a chain infection effect across trusted social circles.Fake RTO Challan APKs Become the Most Dangerous Variant
Among the most active campaigns, fake RTO challan APK scams have emerged as one of the most financially destructive.
Victims are first lured into paying a ₹1 “verification fee”, after which the malicious app requests highly sensitive information such as:
- card number
- expiry date
- CVV
- UPI PIN
- net banking credentials
- even ATM PINs
Cybersecurity experts stress that no legitimate government payment system ever asks for an ATM PIN inside an app, making this an immediate red flag.
Once payment details are entered, the embedded RAT intercepts OTPs and silently completes unauthorized transactions.
India’s Mobile Fraud Crisis Reaches Critical Levels
Investigators estimate that more than 70% of reported cyber fraud cases in India now originate from mobile devices, with millions of complaints linked to:
- malicious APKs
- phishing URLs
- QR scams
- RAT droppers
- banking session hijacks
- WhatsApp fraud chains
The impact is particularly severe across Tier-2 and Tier-3 regions, where smartphone adoption has expanded faster than awareness around:
- APK sideloading risks
- dangerous permissions
- fake banking overlays
- accessibility abuse
- WhatsApp APK scams
This has effectively turned Android smartphones into the primary battlefield of India’s financial cybercrime ecosystem.
TraceX Guard Introduced as a Real-Time Defence Layer
In response to this rapidly evolving threat landscape, TraceX Labs has launched TraceX Guard, an AI-powered multilingual Android security suite built specifically for India’s APK fraud ecosystem.
The platform offers:
- real-time APK scanning
- malicious permission detection
- hidden app discovery
- RAT behaviour monitoring
- QR & phishing URL safety grading
- OTP and SIM fraud alerts
- Wi-Fi hotspot verification
- ransomware defence
- India-specific scam intelligence feeds
- support for 10+ regional languages
Its offline-first AI architecture allows users to scan threats without uploading personal data, making it especially useful for privacy-conscious users and low-connectivity regions.
TraceX Labs says the system is specifically trained to detect patterns used in:
- fake challan scams
- counterfeit SBI APKs
- PM Yojana malware
- wedding invitation APK attacks
- honey-trap adult apps
- Telegram-based RAT droppers
From Phishing to Malware-Driven Financial Warfare
Cybersecurity analysts say this marks a major shift in India’s digital threat landscape.
What once began as simple phishing links has now evolved into malware-driven financial warfare at scale, where a single infected smartphone can silently compromise:
- families
- WhatsApp groups
- banking accounts
- local communities
- social trust networks
With losses from mobile-first fraud already running into tens of thousands of crores, experts believe the future of cyber defence will increasingly depend on preventive mobile security tools capable of stopping unsafe APKs before installation.
In that battle, TraceX Guard is emerging as one of the most important first lines of defence for India’s digital users.
Download Now : https://play.google.com/store/apps/details?id=com.tracexlabs.guard
