On 20th October (Friday), the Gujarat anti-terror squad (ATS) arrested a 53-year-old man named Labhshankar Duryodhan Maheshwari on charges of helping Pakistani agents to get sensitive information about Indian soldiers. Originally from Pakistan, Maheshwari was allegedly spying for Islamabad. According to the police officials, he was infecting the phones of Indian defence personnel with malware forwarded on WhatsApp.
As per the officials, Maheshwari was a Pakistani native and in 1999 he came to Gujarat’s Tarapur town in Anand district. He arrived in Gujarat with his wife for “fertility treatment”. However, he stayed in India and established himself as a successful businessman. Later in 2005, he was granted Indian citizenship. However, his extended family still remained in Pakistan.
ATS superintendent of police Om Prakash Jat said, “Labhshankar Maheshwari, who was living in Tarapur town of Anand district, has been arrested on accusations that he circulated malware through WhatsApp among defence personnel, which was used by Pakistani intelligence agencies to get information from their phones.”
#WATCH | Ahmedabad, Gujarat: On the arrest of a Pakistani spy, Gujarat ATS SP Om Prakash Jat says, "Gujarat ATS received input from the military intelligence that a Pakistani army or a Pakistan agent is using WhatsApp on an Indian SIM Card… He was sending Remote Access Trojan… https://t.co/JvitqnyjS7 pic.twitter.com/p3a362ZreU
— ANI (@ANI) October 20, 2023
The ATS SP Jat added that Maheshwari has been booked under Indian Penal Code (IPC) section 123 (concealing with intent to facilitate a design to wage war against the government) and 121-A (conspiracy to wage war against the government) and under relevant sections of the Information Technology (IT) Act.
According to the ATS officials, the investigation revealed that Maheshwari agreed to participate in this conspiracy because he wanted to expedite the visa process for himself, his wife, and two other family members who wished to visit Pakistan to meet their relatives.
Sharing the details of the case, Jat added, “The Indian Military Intelligence recently learnt that either the Pakistan Army or Pakistan’s intelligence agency had somehow acquired an Indian SIM card, which was being used for spying on Indian defence personnel by sending them malware through WhatsApp. Based on the information, we apprehended Maheshwari from Tarapur in Anand, where he runs a grocery shop.”
According to the ATS, Maheshwari helped Pakistani agents access an Indian SIM card, which they used to hack the phones of Indian defence personnel’s wards in Army schools.
As per the ATS investigation, the SIM Card was issued under the name Muhammad Saklain Thaim from Jamnagar. It was then activated on the mobile belonging to Azgar Hajibhai. After activation, the SIM card was delivered in Anand, Tarapur to a person named Labhshankar Maheshwari on the instructions of a person associated with the Pakistan Embassy.
As instructed, Maheshwari, posing as an employee of an Army school, started sending messages to defence personnel. He used to urge them to download an ‘apk’ file and upload information about their children on the official website of the school, the ATS official added.
Jat added, “In reality, that ‘apk’ file was a Remote Access Trojan, a type of malware that extracts all the information from a mobile phone, such as contacts, location and videos, and sends the data to a command and control centre outside India. As of now, we found that the mobile phone of a soldier stationed at Kargil was compromised with that malware. We are yet to ascertain how many more persons were targeted.”
As per sources privy to the matter, in 2022, Maheshwari visited his parents in Pakistan. It is believed that the Pakistani agents “cultivated” him during the processing of his Pakistani visa. During his six-week stay with his parents, he is believed to have been in touch with a Pakistani intelligence agency, sources asserted.
The investigation findings revealed that at one point, Maheshwari posed as an employee of an army school. He then persuaded parents to download a file claiming that it was necessary to record some information.
In another instance, he falsely claimed that the apk file was linked to the government’s ‘Har Ghar Tiranga’ campaign. On the basis of the false claim, he convinced many army personnel to install the application. Apart from encouraging recipients to install the app, he used to ask them to upload a photo of their child with the national flag, however, it is alleged that the trojan malware was helping gather sensitive information.
While further investigation is ongoing, the officials added that other accused in the case are now on the run and are believed to have left the country.
