Mobile News Security

Coder Reveals Code Injection by Airtel, Receives Cease And Desist From Its Developers

Share on Facebook
Tweet about this on TwitterShare on Google+Share on StumbleUponShare on LinkedInPin on PinterestShare on Reddit

In an absolute mockery of an incident which unfolded today, Indian Coder Thejesh GN, who last week exposed how Airtel was injecting a Javascript into subscribers’ browsing sessions, has today been served a Cease and Desist letter by an Israeli company which owns that injection code. What was Thejesh’s fault you ask ! Well, he apparently posted an “already publicly available code (now locked)” on a public repository in GitHub. And I’m exactly as baffled by this as you are right now.

The entire story unfolded last week when Thejesh GN discovered how Airtel was using a Flash Networks Layer8monetization” “ad injection” solution. The script, which is actually a pair of basic javascript injectors, was appearing on all of Airtel’s mobile-browsed web pages.


The coder eventually exposed Airtel’s ad injection and was hence served a cease and desist notice. And even though it has got everything to do with Airtel, the company told in a statement to StoryPick, that it is “also surprised at the Cease & Desist notice served by Flash Networks to Thejesh GN, and categorically state that we have no relation, whatsoever, with the notice”.

However, what we do need to keep in mind, is the fact that even though Airtel comes out to be the bad guy in this entire incident, this might be just some lowly ad manager’s fault at the company. This is because such ad injections, obviously being risky, are rather unwanted. These not just expose company’s unintended intentions, but also show how poorly the entire monetization strategy is being managed. Something similar happened with Superfish in the U.S. via mobile carrier AT&T.

Meanwhile, here’s Airtel’s entire statement to StoryPick on this incident,

This is a standard solution deployed by telcos globally to help their customers keep track of their data usage in terms of mega bytes used. It is therefore meant to improve customer experience and empower them to manage their usage. One of our network vendor partners has piloted this solution through a third party to help customers understand their data consumption in terms of volume of data used.As a responsible corporate, we have the highest regard for customer privacy and we follow a policy of zero tolerance with regard to the confidentiality of customer data.We are also surprised at the Cease & Desist notice served by Flash Networks to Thejesh GN, and categorically state that we have no relation, whatsoever, with the notice.

Apparently, even Github has taken down the code from its repository, which again, is unusual. Well, it  just adds up.


Editor-at-large and co-founder at The Tech Portal. He is a tech enthusiast with interests in new-age technology fields like Ai, Machine Learning, AR/VR, Outer Space and related stuff. Drop him a mail anytime, very reachable.

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *