header
Tech

Explainer: Here's What the Tek Fog App Can Do, and Why You Should Care

From hijacking the 'trends' sections of social media platforms to phishing 'inactive' WhatsApp accounts, here's a breakdown of what the Tek Fog app can be used for.

Listen to this article:

New Delhi: In April 2020, an anonymous Twitter account @Aarthisharma08, claiming to be a disgruntled employee of the Bharatiya Janata Party’s (BJP’s) Information Technology Cell (IT Cell), alleged the existence of a highly sophisticated and secret app called ‘Tek Fog’.

Over the next two years, a process of correspondence followed where the team at The Wire set out to test what could and could not be verified in the allegations made by the whistleblower. You can read the full investigation here.

The screencasts and screenshots of Tek Fog provided by the source highlighted some important features of the app:

1. Hijack the ‘trending’ section of Twitter and ‘trend’ on Facebook

What does this mean?

a) App operators can  ‘auto-retweet’ or ‘auto-share’ the tweets and posts of individuals or groups.

b) They can make extremist narratives and political campaigns appear more popular than they actually are.

Why should I be concerned?

a) One loses the sense of what’s real and what’s engineered.

b) This feature is used to target and harass certain communities and individuals, by spamming existing trends.

How did The Wire verify this?

By monitoring the inauthentic and suspicious on-platform activity of two trending hashtags provided by the source ahead of time (#CongressAgainstLabourers, #कर्मयोगी).

2. Phishing ‘inactive’ WhatsApp accounts

What does this mean?

a) App operators can hijack ‘inactive’ WhatsApp accounts of private citizens and use their phone number to message their ‘frequently contacted’ or ‘all contacts’.

b) Your personal information and contact list is also uploaded to the Tek Fog app and used for future harassment and trolling campaigns.

Why should I be concerned?

This feature is a clear violation of your fundamental right to privacy.

How did The Wire verify this?

By asking the source to perform a real-time demonstration of the WhatsApp exploit for The Wire team. Within minutes of being provided with a custom text message by the authors, the source used the Tek Fog app to hijack an ‘inactive’ WhatsApp account belonging to one of the authors and used the compromised account to send the custom text message to the researchers’ ‘frequently contacted’ users on the platform.

3. Using database of private citizens for targeted harassment

What does this mean?

The app has an extensive and dynamic cloud database of private citizens categorised according to their occupation, religion, language, age, gender, political inclination and even physical attributes like skin tone and breast size.

Why should I be concerned?

Visual proof:

How did The Wire verify this?

By monitoring the replies sent to ‘female journalists’, one of the targeted groups shown in the app.

Many of these replies included one or more profane keywords shown in the app screenshots, suggesting that the delineation of targets into different categories allows operatives to target victims with extreme granularity.

4. The corporate-technical nexus behind Tek Fog

  • Persistent Systems
  • Sharechat
  • Bharatiya Janata Yuva Morcha (BJYM)

5. Persistent Systems link to Tek Fog

Who are they?

Persistent Systems is an Indian-American publicly traded technology services company founded in 1990.

In 2018, India’s MoHFW chose Persistent Systems to build a digital data hub that would record, store and process health information across 10 Indian states.

What’s their role?

Possible development and maintenance of the app.

How did The Wire verify this?

The Wire reached out to an independent source currently employed at the company. This source provided the screenshots of the company’s Microsoft Sharepoint (an internal collaboration tool), indicating the app’s active development through around 17,000 assets identified by the search term ‘Tek Fog’.

6. Using Sharechat to seed hate speech

Who are they?

Mohalla Tech Pvt. Ltd. is the company behind Sharechat, a popular Indian regional language social media platform funded by Twitter and Snapchat.

What’s their role?

App operatives used Sharechat, to test and curate fake news, political propaganda and hate speech before automating it to other popular social media platforms like Twitter, Facebook, and WhatsApp. Sharechat, however, denied any link with TekFog and its promoters.

How did The Wire verify this?

The source provided a list of 14 accounts controlled by them via Tek Fog app, each of which had a linked account on Sharechat. The Wire monitored the public posts made by these accounts on Sharechat as well as on Twitter/Facebook for a month in April 2020. The analysis revealed that 90% of posts from these accounts were first uploaded on Sharechat before being migrated over to Twitter or Facebook.

7. BJYM: The youth-wing of the BJP

Who are they?

The source identified Devang Dave, the former National Social Media and IT Head of Bharatiya Janata Yuva Morcha (the youth-wing of the BJP) and the current election manager of BJP in Maharashtra, as their immediate supervisor.

What’s their role?

Supervising operators and providing ideological direction to the operation.

How did The Wire verify this?

The source connected The Wire to another current BJYM office-holder. This individual sent us a code via their official email id, that helped the team identify the various external websites and tools connecting to the secure server hosting the Tek Fog app.

8. How are the two websites, both managed by Devang Dave, accessing a private app?