Sanchar Saathi Mandate: What Apple’s Resistance to It Means?
As reported by Reuters, Apple Inc. has rejected the plan to pre-load the state-owned cybersecurity app on its smartphones. The Indian government has confidently asked the manufacturers, including Apple, Xiaomi, and Samsung, to preload their devices with a state-run app, Sanchar Saathi, within 90 days. The app is designed to monitor stolen devices, block them, and prevent their misuse.
The government also wants the manufacturers to ensure that the app cannot be deactivated. In addition, it has ordered that the app be pushed through software updates to devices already manufactured and in the supply chain. India’s telecom ministry calls this a security measure to combat serious threats to cybersecurity. Critics, however, have called it a move by the Indian government to gain access to 730 million smartphones in India.
However, Apple has refused to comply with this plan and will inform the government that it does not follow such mandates anywhere in the world, as they lead to many privacy and security concerns for the iOS ecosystem. In this article, we will cover everything about Sanchar Saathi and the impact of Apple’s resistance to it.
What is the Sanchar Saathi App?
Sanchar Saathi, introduced in January 2025, is described by the DoT as a citizen-centric initiative. It is designed to empower mobile users and strengthen their security against telecom-based cyber risks. It is available both as a mobile app and as a web portal. The platform offers several services aimed at safeguarding India’s 1.2 billion mobile users from cyber attacks and device theft.
As per government data, the platform has already proved itself by recovering over 700,000 lost devices, blocking over 3.7 million stolen devices, and terminating 30 million fraud mobile connections.
Why the Government Makes it Mandatory to Preload the Sanchar Saathi App?
The DoT justifies the Sanchar Saathi initiative by highlighting the presence of duplicate or spoofed IMEI numbers, which pose serious cybersecurity risks. The department also noted that the second-hand device market in India has seen instances of stolen or blacklisted devices being resold. This makes buyers unwitting participants in the crime.
Key Features of Sanchar Saathi
The Sanchar Saathi app offers many practical services for users. With its Chakshu feature, users can report suspicious activity such as scams impersonating government officials, banks, or police. Users can also report harmful web links received through WhatsApp, SMS, Telegram, and other channels.
Another top feature of the Sanchar Saathi app is its option to block and monitor lost or stolen mobile devices with the help of the unique 15-digit IMEI number. Once blocked, the device becomes unusable across all networks, even if someone changes the SIM card.
The app also allows users to check the number of mobile connections registered in their name. This helps in identifying unauthorized SIM cards. Furthermore, users can verify the authenticity of their mobile handset by scanning its IMEI barcode to ensure they have not bought a stolen or fake device.
Apple’s Plan to Contest the Mandate
The Sanchar Saathi mandate has met resistance from Apple. The company does not plan to adhere to the mandate to preload its smartphones with the state-run cybersecurity app and will convey its concerns to the government. Android devices dominate the Indian smartphone market, and Apple’s iOS powers an estimated 4.5% of the 735 million smartphones in the country by mid-2025. A research director at Counterpoint, Tarun Pathak, told Reuters that Apple has traditionally refused these requests from governments. This suggests significant friction ahead as the 90-day compliance deadline approaches.
Sanchar Saathi Is Not Mandatory And Can be Deleted
Initially, the DoT stated that the pre-installed application, Sanchar Saathi, needs to be ‘readily visible and accessible’ to users during device setup, and that its functionalities cannot be deactivated or limited. This raised concerns about user choice and flexibility. However, Minister Scindia quickly addressed these concerns by declaring that the app is not mandatory.
If you want to delete the application, you can, as it is not mandatory. For example, if you do not want to use this app, do not register for it. It will remain dormant and can be deleted whenever you want. Scindia added that the government is responsible for making the app accessible to everyone, as many people are unaware of this tool that protects them from digital fraud and theft.
The Sanchar Saathi mandate wants manufacturers to complete the adoption of the app within 90 days and submit compliance reports within 120 days. Devices that are already in the sales channels need to integrate the app through software updates. Sanchar Saathi can be installed from both the Google Play Store and the Apple App Store by users who want access to the services voluntarily.
Hackers Stole Login Data in China-linked Incidents? 2025 Guide
Cybersecurity agencies from the US and Canada have issued a joint statement warning that hackers connected to China used malware to penetrate and maintain long-term access to unnamed government and information technology businesses. According to a recent report by Reuters, the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, and the Canadian Centre for Cyber Security have issued an advisory.
According to Madhu Gottumukkala, the acting director of CISA, the China-linked operators are infiltrating sensitive networks and embedding themselves to facilitate long-term access, disruption, and potential sabotage. In this article, we will explore whether hackers stole login data in China-linked incidents.
Brickstorm Malware For Long-term Access to Government & IT Infrastructure
The agencies identified the malware used by the state-supported hackers as Brickstorm. They stated that this malware was used to target many government services and information technology businesses. The hackers stole login data and other data that allowed them to fully control the targeted systems.
The central concern is persistent access. The advisory mentioned a case where the attackers used Brickstorm to penetrate a firm in April 2025 and maintained access through at least September 2025.
The evaluation is based on eight Brickstorm samples collected from targeted firms. CISA executive assistant director for Cybersecurity, Nick Andersen, declined to share specific information on the total number of targeted government organizations or the full extent of the hackers’ activities inside the networks.
Broadcom’s VMware, a Target
The hackers are reportedly using the malware against VMware vSphere, a Broadcom product used to create and manage virtual machines within networks. In response to the reports, a Broadcom representative encouraged all customers to apply up-to-date software patches and follow robust operational security practices.
How the Attack Was Carried Out?
We need to examine the tactics employed in order to understand the seriousness of this incident.
Taking Advantage of Virtualization Systems
Virtualization is the digital foundation on which many firms operate. After gaining access to the VMware environment, hackers were able to reach:
Virtual machines
Important servers
Administration consoles
System backups
As a result, they were able to move through numerous networks both horizontally and vertically.
The Silent Intruder: Brickstorm Malware
Brickstorm was designed for:
Stealth
Persistence
Credential harvesting
Remote access
It enabled attackers to keep controlling networks covertly and for an extended period of time.
The Real Jackpot: Credential Theft
Attackers concentrated on credentials (usernames, passwords, tokens, and API keys) rather than just files. This tactic works well because:
Credentials provide access to whole systems
Attackers are able to escalate privileges
They are able to pose as legitimate users
They can circumvent most security tools
Credential theft poses a greater threat to cybersecurity than compromised data.
Data Exfiltration using Encrypted Transmission Channels
To evade detection, tiny encrypted data packets were transmitted gradually. Advanced persistent threat (APT) campaigns frequently use this technique.
Which Data Were Stolen?
Authorities have verified the theft of:
Login information
Private internal materials
System configuration information
Possibly administrative tokens
Insights into network architecture
With this data, hackers might be able to:
Re-enter systems in the future
Gain access to more servers
Carry out sabotage operations
Leak or weaponize private information
This makes the compromise a long-term national security risk rather than merely a current problem.

