ToTok messaging app revealed as a UAE surveillance tool
It's been removed from the Apple and Google storesBy Rob Thubron
Why it matters: If you're one of the millions of people around the world who has downloaded messaging app ToTok, you should delete it right away. According to a new report, it's actually a spy tool used by the United Arab Emirates to track users' activities.
With many messaging apps in parts of the middle east blocked or partially blocked, ToTok has proved very popular in the region since its launch a few months ago. It's also become widely installed around the world, including in the US, where it was one of the most downloaded social apps last week.
But United States intelligence officials told The New York Times that the app is, in reality, a surveillance tool that can track every conversation, movement, relationship, appointment, sound, and image of those who install it-information that ends up in the hands of the UAE government.
A technical analysis and interviews with computer security experts suggest the firm behind ToTok, Breej Holdings, is most likely a front company affiliated with DarkMatter, an Abu Dhabi-based cyberintelligence and hacking firm that contracts directly with the Emirati government and employees former intelligence agents from countries including the US and Israel.
ToTok was also linked to an Abu Dhabi-based data mining firm called Pax AI. The firm appears to be tied to DarkMatter and works out of the same building as the UAE's signals intelligence agency (top of page).
"You don't need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what more intelligence do you need?" said security researcher Patrick Wardle, who performed a forensic analysis of ToTok.
While Apple and Google have removed ToTok from their app stores, it can still be used by those who've already downloaded it.
The news comes soon after the US Navy banned video-sharing app TikTok on personnel's government-issued devices after it was deemed a "cybersecurity threat."