Anonymous India Hacker Group Claims Reliance Jio Chat App Is Sending Data To Chinese Servers
An anonymous Indian hacking group named AnonOpsIndia has shared sensational evidence, which points to a very dismal and alarming scenario: Reliance Jio chat app is allegedly sending sensitive user data to a Chinese IP.
Although it is not yet clear which type of data is being shared, and which Chinese company is receiving this data, but from the evidences collected so far, it seems that privacy and security of all Reliance Jio chat app users is being severely compromised.
At the time of writing, there has been no clarification from Reliance Jio management regarding this incident of data breach.
Data Transported to Chinese IP
AnonOpsIndia decompiled the application’s APK file, and found references of a Chinese IP address. They decompiled another file from the app, and found the references of the same Chinese app via strings written in Chinese language.
They immediately shared the Chinese IP addresses, which are receiving this data of Indian users: “220.127.116.11:8086”, “poc.gongsunda.com:8083”, “www.rsocial.net:8087”, “acp.jiobuzz.com:8090”
They created a hashtag on Twitter: #OpStopReliance, and shared their findings for other users to reach.
Soon, another Twitter user called @digimaverick shared screenshots of the code from Reliance Jio chat app, which clearly showcases the Chinese IP and Chinese language strings. Sensitive geolocation and other data of Indian users are being allegedly sent to this address.
Considering that the data which is being passed on to the Chinese servers are not encrypted, anyone can barge into the data transfer, and have access to this data.
This is certainly one of the most bizarre security breach ever recorded, but Reliance Jio team is still comprehending the severity of the issue.
Found some chinese strings in the core package of the Jio App. So sorry, it’s not make in India lol #OpStopReliance pic.twitter.com/jZKQtoodJA
— AnonOpsIndia (@opindia_revenge) June 15, 2015
Reliance Jio Chat app was launched in April this year, and we had done a detailed review of it’s features, and found it excellent. Loaded with chat, voice call and creative emojis, we had recommended this app to our users.
However, having said that, this new security breach which was discovered few days back has alarmed us, and we are expecting a reply from Reliance Jio regarding this attack on our privacy.
At a time when Reliance Jio is trying to disrupt the Indian telecom market with superfast, and dirt cheap Internet plans, this disturbing allegations of data breach certainly comes as a shocker.
We will keep you updated as more details come in.
Disclaimer: We have verified these screenshots of the code with a senior security analyst, who has informed us that the data is certainly being sent to a Chinese IP, without any prior information or alert. He has informed us that although anyone can download an app, and decompile the code, such minute reverse engineering of the APK is subjected to the terms and conditions of the app creators. We are not yet sure whether such decompilation falls under the safety of legal proceedings or not. None the less, if any user information is being unofficially transported, it is against the existing privacy law.