The Pakistani armed forces are suspected of organizing an intensive information gathering campaign using mobile phones, which has targeted diplomats from India, Israel and Australia, as well as member countries of the North Atlantic Treaty Organization (NATO) as the United States and Great Britain. Other people involved in the operation include officials from Iraq, Iran and the United Arab Emirates. The news of the alleged espionage operation was published earlier this month by Lookout Mobile Security, a US-based security software company.
The company said that the authors of the operation managed to penetrate a number of diplomatic phones by creating a series of fake applications for Android and iOS mobile phone systems. The applications, called Tangelo (for iOS) and Stealth Mango (for Android), have taken control of mobile devices once the owners have downloaded them through fake third-party app stores. According to Lookout, the two apps were designed by a consortium of freelance software developers who have close ties to the Pakistani military establishment. The technical report published by Lookout indicates the use of IP addresses that lead to a server hosted in the Ministry of Education of Pakistan, in the capital of the country, Islamabad. Lookout also claimed to have been able to track down the identity of the person who was the main developer of the two false mobile applications. He is reportedly a full-time government employee who "works as an app developer for mobile devices". The group that created the fake apps is known for creating legitimate apps, said Lookout, but also works to create surveillance services for mobile phone systems. In the past, the same group has been identified as a target for military and civilian government officials in India, according to Lookout.
In its technical report, Lookout's security team describes how Pakistani hackers collected a range of data from their victims, stealthily streaming it from compromised cell phones to servers in Islamabad. The data included photos and videos, contact lists, phone call logs and texts, as well as very detailed calendar entries. German and Australian diplomats were stolen their travel plans and a letter from the United States Central Command to Afghanistan's Defense Assistant for Intelligence. The latter also had access to the contents of an entire database of passport images of travelers, many of them diplomats, from Kandahar International Airport in southern Afghanistan. The report said it was impossible to know for sure when Tangelo and Stealth Mango were first developed and used.
