French Hacker Claims PM Modi’s App Taking Info Without Consent


New Delhi: A day after pointing to a massive security breach on the official mobile app of the Congress party, French hacker Elliot Alderson has now targeted the app of Prime Minister Narendra Modi. In a series of tweets, he has alleged that the app sends the IP address of users to US-based website without their consent.

Explaining the modus operandi, the hacker has also alleged that PM Modi’s Android app violates norms of European regulation as well as Google Play. According to the hacker, “if you install the @narendramodi’s #Android #application on your phone, you are giving a lot of device information to @narendramodi without your consent”.

Here’s series of his tweets:

Tweeting about the INC app on Monday, the French hacker had alleged that when one applies for membership of the party through the official Congress app on Google PlayStore, personal data are send encoded through a HTTP request to the party’s membership page online. The anonymous hacker then claims that the personal data has no encryption which makes decoding it relatively simple.

The most damning of his allegations was that the IP address of the Congress’ membership page points to a server located in Singapore.

Alderson had clarified he had no political agenda in putting his investigations in public domain.
Meanwhile, the Congress party removed its app from Google Play Store.

This even led to a political war of words between the BJP and the Congress as the former’s IT cell chief Amit Malviya tweeted, “Rahul Gandhi gave a call to #DeleteNaMoApp, but Congress deleted its own App from the App store after they were called out. What is the Congress party hiding?”

Entering damage control mode, Divya Spandana, Congress’ Social Media and Digital Communications head, said, “Clarification: We don’t drive membership through the app, it’s done through our website http:// Servers for these are based in Mumbai. As you may have noticed, the link on the app is broken.”