- ToTok is accused of being UAE-owned spyware, targeting citizen communications in the country.
- The app has connections with a Cyprus based cybersecurity firm which is currently being scrutinized by the FBI.
- Both Apple and Google have removed ToTok from their respective app stores and urge users to uninstall it from their phones.
After the New York Times conducted an in-depth investigation on the way the ToTok video calls and chat app works, they concluded that the software is practically spyware. More worryingly, it is used by the government of the United Arab Emirates to carry out mass surveillance operations over its citizens and foreign visitors or professionals. Following these staggering revelations, Apple has decided to pull the app from the App Store, so anyone using it still is advised to remove it from their device. Shortly after, Google has also removed the app from the Play Store.
From what we know so far from rumors and unofficial disclosures, DarkMatter has connections with Israeli hackers who work in their Cyprus offices, targeting Iranian infrastructure. The FBI is investigating the possibility of “intellectual property smuggling”, and various other cyber crimes that have taken place in Middle Eastern countries. The connection between DarkMatter and ToTok’s parent company, Bvreej Holding, is generally taken for granted. What needs to be determined is whether the UAE government is behind ToTok’s backdoors and on what basis the collaboration deal was arranged. For now, nothing is certain, but Apple and Google thought that it would be better to just oust the app from their stores.
Reportedly, the UAE government has placed handicaps on similar apps like WhatsApp, which it didn’t control. This forced the citizens to move to alternatives like the ToTok, so the popularity of the app grew quickly. In January, we discussed a very powerful iOS spying tool called “Karma”, and which the UAE government was accused of using against journalists and activists in the country. The story saw the light thanks to former U.S. intelligence operatives who published the details about Karma and it’s capabilities. While nothing was confirmed, it is clear that communications in the UAE are not flying around freely.