.png){kind=small}
.png)
.png)
.png)
.png)
4 hours ago
3
ARTICLE AD BOX
Lucknow: Next time you get a traffic challan message on your WhatsApp, be cautious. Police officials say it could be a red herring used by scammers to compromise your phone. Once installed, the malicious app allegedly gives hackers remote access to the device, allowing them to steal financial data, banking details, and personal information.A WhatsApp mentioning "RTO Traffic Challan.apk" has been circulating via messages in the past week. Cyber cell officials said the file is not a genuine challan, but a malware application designed to compromise mobile phones. According to cyber cell officials, nearly 10 complaints were lodged in the last seven days from the people who fell prey to the scam.Authorities have urged people to avoid downloading APK files from unknown sources and to only check challan details through the official Parivahan or state RTO portals.
Once downloaded and installed, the malicious APK covertly grants hackers remote access to the user's device. This enables them to steal banking details, UPI credentials, stored passwords, financial data, and personal information. Alarmingly, victims also risk a complete phone takeover, including access to OTPs and digital wallets.Officials warn that the scam is spreading rapidly across districts and could impact many more if awareness is not raised immediately, said ACP Cyber Cell, Abhinav Kumar.
He urged citizens to remain vigilant and to never download APK files from unverified links. For authentic information regarding traffic challans, people should only rely on official sources such as the Parivahan portal (
or the respective state RTO websites.ACP Kumar added that the fraudsters are exploiting in the name of challan and did so earlier in the name of lottery. Cyber experts also recommend updating phone security patches regularly, installing antivirus apps, and enabling two-factor authentication for banking and payment apps.Former IPS officer and cyber expert, Triveni Singh, said, "Fraudsters are exploiting fear of challans to spread this malware. The only way to defeat such scams is awareness. If you receive such a message, delete it immediately and inform the cyber helpline 1930.""Once the victim unknowingly installs the app, it silently grants the attacker remote access to the phone—allowing them to read SMS, intercept OTPs, monitor screen activity, and operate banking apps."
Singh said these APKs look harmless but contain embedded code that compromises mobile devices. "They are capable of stealing debit/credit card data, reading SMS and OTPs, recording your screen activity, accessing internet banking apps, and sometimes even locking your phone," he said.HOW THE FAKE "RTO TRAFFIC CHALLAN.APK" MALWARE WORKS 1. WhatsApp Message Sent → User receives a message with an APK file titled "RTO Traffic Challan.apk". 2. User Installs App → Mistaking it for a genuine challan, the victim installs the app. 3. Hidden Permissions Granted → The malware silently asks for device permissions (SMS, contacts, storage, accessibility). 4. Remote Access Activated → Hackers gain control of the phone and can monitor activity. 5. Data Theft Begins → Banking details, UPI credentials, OTPs, and personal information are siphoned off. 6. Financial Loss → Victims face unauthorized transactions and identity theft. HOW TO STAY SAFE - Do not download APK files from WhatsApp, SMS, or unknown sources. - Verify challans only on official portals (Parivahan / State RTO). - Install and update antivirus/security apps on phones. - Keep your phone's operating system updated. - Report suspicious messages to the 1930 cybercrime helpline or cybercrime.gov.in.
English (US) ·