Nishant Agrawal, a senior system engineer at top missile firm BrahMos Aerospace, was sentenced to life imprisonment for leaking India's military secrets to Pakistan.

A UP-ATS officer had told the sessions court that handed Agrawal his sentence that the latter had installed three softwares on his computer at the behest of one Sejal Kapoor whom he met online.

After chatting with more than 98 defence officials, she used to forward a few links to third-party apps—in Nishant's case those were Qwhisper, Chat to Hire and X-trust—and asked him to install them to have intimate private conversations, reported The Times of India.

These three apps, which were malwares, were installed by Nishant on his computer, which happened to contain highly classified secrets related to the supersonic cruise missile BrahMos. It should be noted that storing defence secrets on a personal computer is a big offence and will be liable to face rigorous life imprisonment under the Official Secrets Act (OSA).

The three chatting apps reportedly came with the notorious GravityRat malware; it is capable of scanning every little file and document and stealing sensitive information from a computer to a cloud server operated by a hacker or a spy agency. It is capable of avoiding detection from anti-virus applications on PCs and victims will never know what hit them before it's too late.

Besides Facebook, Sejal is said to have chatted with Nishant on LinkedIn too. Sejal had told him that she worked in Hays Aviation, a large aviation & aerospace engineering recruitment agency in the United Kingdom.

As it turned out, Sejal Kapoor was a fake profile created by Pakistan's spy agency Inter Service Intelligence (ISI).

Besides intimate messages, Sejal also reportedly lured Nishant with a big job offer in the UK if he shared details on the project he was working on.

However, Nishant, during a routine security check, came under the scanner. In 2018, Military Intelligence (MI) and the Anti-Terrorism Squad (ATS) of Uttar Pradesh and Maharashtra took him in custody for leaking top defence secrets to an enemy country.

After close to five years, Nagpur's additional sessions court earlier this month convicted Nishant Agrawal, under section 235 of the Criminal Procedure Code for an offence punishable under section 66 (f) of the IT Act and several other sections of the Official Secrets Act (OS. He was penalised Rs 3,000 and has to undergo rigorous imprisonment (RI) for 14 years.

Pakistan's ISI has reportedly created several fake profiles with Indian women's names such as Sejal Kapoor, Arohi Alok, Aditi Aaron, Aditi Agrawal, Anamika Sharma, Divya Chandan Roy and more.

As per the latest reports, they tried targeting close to 100 officials working in the Indian Army, India Navy, Indian Air Force, paramilitary forces and state police personnel stationed in Rajasthan, Madhya Pradesh, Uttar Pradesh, and Punjab.

Besides Sejal, Nishant was also chatting with Neha Sharma and Pooja Ranjan; both fake profiles created by ISI.

For the last few years, particularly since the Covid-19 pandemic-induced lockdowns, there has been an increased number of cases of ransomware attacks and sophisticated espionage attempts at hacking the phones of high-profile people. Cyber experts and state-run security agencies including the Indian Computer Emergency Response Team (CERT-In) have regularly sent out alerts to citizens about the threats of malware-laced applications and not to venture into shady websites, and yet people fall prey to online frauds.

Here are some valuable tips to safeguard yourself from getting hacked:

1) Never install apps from third-party app stores or unknown websites

2) Even on official platforms such as Google Play/Apple App Store/Microsoft Windows Store, always exercise caution while downloading apps developed by unfamiliar developers

3) Always check the reviews of the apps before installing them onto your device. There will always be telltale signs and complaints such as previous customers facing issues with productivity or the app not functioning as advertised.

4) Never install apps from website URLs shared on the messenger app. Even if your friend or family member sends it, do not install them

5) As mentioned above, avoid installing unknown chatting or messenger apps, as they are most likely used to honey-trap the potential victim

6) If you are working in big corporate companies or government agencies, please avoid storing office-related classified documents or trade secrets on personal computers. Most companies offer work computers for home and use only them

7) Do not install any social media apps or any third-party apps on office computers

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.