Cybersecurity and threat intelligence researchers at Shreshta IT Technologies Pvt. Ltd, Belagavi warn that the popular streaming app is part of a coordinated, Pakistan-origin campaign to install malware on Indian phones.
By Swapneel Patnekar, Shreshta IT Technologies Pvt. Ltd.
With OTT subscriptions costing anywhere between โน149 to โน999 per month, the appeal of a free streaming app is easy to understand. Apps like Pikashow promise unlimited movies, web series, and live TV channels – all at no cost. For millions of Indian users, it sounds like a bargain. Researchers say it is anything but.
What Is Pikashow?
Pikashow is an Android application that offers free access to movies, web series, and content from premium OTT platforms. It is not available on the Google Play Store. To install it, users must download it directly from third-party websites – a process known as sideloading. Sideloading is the process of installing applications on a device from sources other than official app stores such as Google Play or the Apple App Store. While it may appear harmless, it means bypassing every security check that Google and Apple conduct before an app is made available to the public. There is no vetting, no verification, and no safety net.
A Coordinated campaign from across the border Pikashow is not simply a piracy app. Cybersecurity researchers at Shreshta have found that it is part of a deliberate, large-scale malware distribution campaign. Over 316 domains have been identified as linked to this operation. As of January 2026, 22 of these websites were actively distributing multiple versions of the Pikashow application to unsuspecting users in India.
The investigation further found that this campaign was being systematically amplified on X (formerly Twitter) through a network of coordinated fake accounts – all traced to Pakistan. A primary account posted Pikashow download links, while dozens of supporting accounts – created in late 2025 and registered in Pakistan – liked and retweeted those posts to push them in front of Indian audiences. The strategy was straightforward: use the appearance of a legitimate, popular app to trick Indian users into installing malware on their own phones.
The Government has already issued a warning
India’s Indian Cyber Crime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has already issued public advisories about Pikashow. The warning is direct: the app is unsafe, it carries pirated content, and it can infect your phone with malware or spyware. Banking information may be compromised. Legal consequences are possible.
What happens when you sideload an App
When a user installs a sideloaded application, they grant it direct access to their device – without the permission controls that official app stores enforce. Researchers warn that once such an app is installed, attackers can silently deploy malware or spyware, steal banking credentials, UPI PINs, and one-time passwords, access personal photos, messages, and contacts, and use the compromised device to conduct further attacks on others. Critically, this can all occur while the app continues to stream content normally, leaving users with no indication that anything is wrong.
Piracy Also Carries Legal Risk
Beyond the cybersecurity threat, streaming pirated content is illegal under Indian copyright law. Users of Pikashow are not only putting their devices and data at risk – they may also face legal action, as flagged in the I4C advisory.
What Citizens Should Do
Cybersecurity experts at Shreshta offer the following guidance: – Never install an app through sideloading. Avoid any application distributed via a website, a WhatsApp message, or a link on social media, regardless of how credible it appears. – Install apps exclusively through the official Google Play Store or Apple App Store, which screen apps before listing them. – For stock market trading, always look for the Verified label on trading apps listed on the Google Play Store, as mandated by SEBI. This is your assurance that the application is legitimate and regulated. – If you have already installed Pikashow or a similar app, remove it immediately, change your banking and UPI passwords, and monitor your accounts for any unauthorised transactions.
Report Cybercrime without delay
Anyone who suspects their device has been compromised or has fallen victim to online fraud should call the national cybercrime helpline 1930 or visit cybercrime.gov.in to file a complaint. Free content is rarely free. Behind the promise of unlimited movies lies the very real risk of losing your money, your data, and your privacy. When an app offers everything for nothing, ask yourself who is truly paying the price.