NEW DELHI: CloudSEK’s contextual AI digital risk platform XVigil recently uncovered two applications – Kerala Lottery Online and India Kerala Lottery – allegedly cheating people by impersonating the Directorate of Kerala State’s lottery.
People are being enticed to buy lottery tickets online through these apps. Ads that link users to malicious websites are a common tactic used by threat actors. Scammers who pose as authorities often use social media profiles with hundreds of thousands of followers as a platform for spreading disinformation.
When comparing the privacy policies of the two apps, CloudSEK discovered that “Kerala Lottery Online” and “India Kerala Lottery” both show the same information, despite having different names.
According to CloudSEK research, the creators of these two apps can be reached via the following email addresses: OnlineKeralaLotto@gmail.com and firstname.lastname@example.org. It’s clear that the government isn’t operating these apps.
Both apps were hosted on Google Play and had over a million downloads. The shady developers of these apps used the names and logos of legitimate organisations like the National Informatics Centre and the Kerala State Directorate of Lotteries.
According to the Kerala lottery administration, the state solely offers paper lottery tickets and does not allow for internet sales.
Among the many permissions these apps seek, the ability to install packages stands out as particularly intrusive.
According to the data, there is a clear link between the apps created for this campaign and the advertisements that targeted the now-banned Instant Loan Apps. As ‘h5.domainname.tld’ is utilised to host critical website content in both campaigns, this may indicate that the same threat actor organisation or software development kit (SDK) is behind their creation and activation.
It has been alleged that threat actors have exploited a referral network to rapidly promote their apps. Various Telegram channels, YouTube videos, social media posts, and tweets all promoted the fraudulent apps.
To encourage people to click on the referral link, the scammers advertise free lottery entries and a cut of the winnings for everyone who clicks on the link.
Scammers have explainer videos on YouTube that walk users through setting up and utilizing the apps.
There have been reports of fake Facebook profiles promoting the apps. The application has been promoted for over six months by a Twitter account with over 200,000 followers.
A Telegram channel, which has a long history of discussing and providing tips on offline lottery numbers, is also promoting this application.
“Cashing on the popularity of Kerala lottery, threat actors have created multiple apps and websites to sell tickets and conduct lotteries which is banned by Kerala state government. To get more users, threat actors promote their apps on various social media platforms, along with WhatsApp and Telegram groups. Several websites have also been created to promote the apps and make the apps look legitimate,” said a CloudSEK researcher.
– It is advised to buy lottery tickets from government-authorized stores. As per Kerala state rule, only physical tickets are permitted for sale.
– Refrain from participating in online Kerala Lottery as conducting online Lottery is banned in Kerala.
– Avoid downloading dubious apps, as they may compromise users’ critical information.