A government security advisory has warned Android users in India about a malware called DogeRAT that is targeting sensitive data, including contacts, messages, and banking credentials. The malware is being circulated by a cybercriminal group over Telegram, disguising itself as legitimate applications such as ChatGPT, Opera Mini browser, premium versions of YouTube, and other popular apps and websites. DogeRAT not only gains unauthorized access to sensitive data but can also take control of the device, allowing it to send malicious spam messages, make unauthorized payments, modify files, and even remotely take photos using the device’s cameras.

The advisory recommends that users do not install apps from unknown third-party app stores and instead stick to app stores provided by Google, Apple, or Windows. It also urges users to avoid clicking on emails from unknown senders. Government employees are specifically asked to comply with these guidelines and disseminate them to other sections for compliance.

Indian cybersecurity startup CloudSEK first raised concerns about DogeRAT, stating that it is targeting a large customer base across multiple industries, especially banking and entertainment. Although the majority of the campaign has targeted users in India, it is intended to have a global reach.

This warning comes at a time when cyber attacks on ministries and departments, including sensitive defense units, have been on the rise. Previously, there have been warnings about cyber attack campaigns allegedly conducted by China-based threat actors targeting government bodies such as the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).

