India – Hackers Selling User’s Call Data To Ad Networks Abroad

Reliance Jio, is a Mumbai-based provider of 4G internet, broadband services, mobile telephony,  and digital services in India. Formerly known as Infotel Broadband Services Limited, Jio provides 4G services on a pan-India level using LTE technology.

Anonymous hackers claims that they can make money by selling user call data to targeted ad networks in the US and Singapore without informing users.

According to Anonymous hackers said to BusinessLine that, ” The group, which claims to hack companies and governments to expose them as a way of activism and goes by the Twitter handle AnonIndia (@redteamin), said two Jio apps, including My Jio and Jio Dialer, are sending user information to an ad network called Mad-Me.”

“The website RJio is sending it to claims to be a platform for targeted advertising.”

“Any information captured by Jio is only for internal analysis to deliver better quality of service and recommend offerings from Jio’s product portfolio.”they added.

A year ago, the same Anonymous group claimed that RJio chat app Jio chat was sending user data to a Chinese IP without even encrypting it, which meant that apart from your information being leaked to the Chinese, anyone could snoop into your conversation and know exactly what you’re chatting about or sharing with friends.

The app itself was coded in Chinese, which led to suspicion that the app was indeed developed by the Chinese as well. Jio had dismissed these allegations.

“At least this time the traffic is going on https (encrypted), last time they did not even bother to encrypt it,” the anonymous group said.

The hacktivist collective said they tested apps from all other operators as well but only My Jio app and Jio Dialer were found to be sharing information with an ad network outside the country.

“What drives us is to expose the wrong doings of these companies, last year also when they tried to violate the principles of NN (netneutrality), we taught them a lesson.” the group said.

The group has in the past attacked websites of various individuals and government agencies, including TRAI and BSNL. The group had also undertaken activities to protest against Section 66A of the Information Technology Act and in support of network neutrality.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients