Vietnamese Hackers Using ‘Maorrisbot’ to Target Indians in WhatsApp e-Challan Scam: CloudSEK

Scammers are reportedly sending fake eChallan messages over WhatsApp impersonating the Parivahan Sewa or Karnataka Police.

Advertisement
Written by Akash Dutta, Edited by David Delima | Updated: 17 July 2024 19:35 IST
Highlights
  • A new malware called Maorrisbot is reportedly infecting Android devices
  • The malware is said to have affected more than 4,400 devices
  • Maorrisbot is capable of intercepting OTPs and other messages

WhatsApp fake e-Challan scams have reportedly led to fraudulent transactions exceeding Rs. 16 lakh

Photo Credit: Reuters

WhatsApp e-Challan scams are targeting users India using Maorrisbot, a new form of technical malware, according to a cybersecurity firm. This is a relatively new type of scam that is reportedly backed by a large, organised effort. So far, the malware is said to be affecting only Android devices, and no impact has been seen on iOS or other Apple devices. The scam begins like a typical phishing scam, but once the malware is deployed on the victim's device, it acts as a trojan.

WhatsApp e-Challan Scams Using Maorrisbot to Target Indian Users

A new CloudSEK report details how the new malware dubbed Maorrisbot is used by hackers based in Vietnam. The firm states that a highly technical Android malware campaign is currently being uses to target users in India through fake traffic e-Challan messages disseminated via WhatsApp.

Advertisement

At the onset, the scammers impersonate the Parivahan Sewa or Karnataka Police and send messages to people asking them to pay their challan (traffic violation fine). These messages contain details of a fake e-Challan notice and a URL or an attached APK file.

The scammers trick the victim into clicking the link to pay the fine, and once that is done, the Maorrisbot is gets downloaded on the device. However, the report states that it is disguised as a legitimate application, which could mislead unwary users.

Advertisement

The fraudulent message sent to victims by the hackers
Photo Credit: CloudSEK

Advertisement

 

After being installed, the malware begins requesting multiple permissions such as access to contacts, phone calls, SMS, and even to become the default messaging app. If the user allows these permissions, the malware begins intercepting OTPs and other sensitive messages. It can also use the data to log in to the victim's e-commerce accounts, purchase gift cards, and redeem them without leaving a trace.

Advertisement

The cybersecurity firm also found that the scammers use proxy IP and maintain a low transaction profile to avoid detection. The researchers believe the attackers are Vietnamese based on conversations and IP location — the purported hacker's IP address was traced to Bắc Giang Province in Vietnam.

CloudSEK claims that 4,451 devices are known to be compromised after installing the malware. The hackers have reportedly used 271 unique gift cards to steal more than Rs. 16 lakh from victims. Gujarat and Karnataka have been identified as the most affected region.

The security firm recommends Android users use well-known antivirus and anti-malware software, limit app permissions and regularly review them, and install apps only from trusted sources. Further, the firm also highlights monitoring suspicious SMS activity, regularly updating the device, and enabling alerts for banking and sensitive services.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Best Mobiles Under Rs. 40,000 in India
  2. Best Smartphones With AI Camera Features
  3. Samsung Galaxy Z Fold 8 Ultra Roundup: Launch Date, Expected Price, Features
  4. Samsung Galaxy Z Flip 8 Roundup: Launch Date, Expected Price, Features
  1. Samsung Galaxy Z Flip 8 Roundup: Launch Date, Expected Price, Specifications
  2. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  3. Google Pixel 11a Codename Reportedly Spotted in Phone App
  4. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  5. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  6. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  7. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  8. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  9. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  10. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.