- The Iranian government is trying to convince desperate citizens to install Covid-19 themed spyware.
- The app was developed and signed by a well-known collaborator of the government.
- The software asks for permission to access the device’s sensors, fine location (GPS), and more.
An application promoted by the Iranian Ministry of Health and Ministry of Communications, named "AC19," is reportedly a spyware app. According to the findings of the Iranian researcher Nariman Gharib, the particular app, which is supposedly aimed at helping Iranians manage the risk of Covid-19 infections, is sending real-time geo-location data back to its C2 server. The Iranian Ministry of Health promoted the app via an SMS sent directly from their systems to the citizens. The message urged the recipients to use the app before they visit a health center, in order to run a self-diagnostic test and determine the chances of having been infected.
A company named “Smart Land” developed the app, and this is the same entity that developed “HotGram,” “Golden Telegram,” and “Mobogramme,” all three of which are Telegram spin-offs that contain government backdoors and request access to cameras and microphones. The AC19 app requests permission to access location data (GPS-fine), info about the mobile operating system, and even to use the device’s sensors. This way, the Iranian government will be able to track the users and even tell if they are sitting still, walking, or running. The servers that accept and store all this data belong to Smart Land, and the app is signed by themselves (how convenient).
As for what the user is asked to provide via the app’s frontend, this includes the mobile phone number, gender, name, height, weight, city, and reason for screening. According to the researcher, the Iranian authorities could now very easily input mobile phone numbers into their system and automatically get the location of the corresponding subscriber, as well as their real-time movement status. It is estimated that about two million Iranians have already installed the "AC19" government spyware app, falling victim to their own fear.
Iran has trouble accommodating all patients, as there are no Covid-19 test kits available in most locations, and people are forming long lines even to measure their body temperature. No matter where the app is coming from, you should never trust or install APKs sourced from outside the official Android and Apple app stores. Finally, you should carefully review the requested permissions before granting access, and consider what an app would really need based on its role and functionality. A Covid-19 self-help app shouldn’t need to access the device’s sensors and GPS location data, and this alone should ring the alarm.
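The permission review described above can be scripted. The following is an added example, not code from the researcher or from the app: it reads an Android manifest that has already been decoded to text XML and lists every requested permission that falls outside what a questionnaire-style app needs. The sample manifest, the package name `com.example.selfcheck` and the baseline set are constructed assumptions, not AC19's actual manifest.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumption: a self-assessment questionnaire only needs network access.
ROLE_BASELINE = {"android.permission.INTERNET",
                 "android.permission.ACCESS_NETWORK_STATE"}

# What each sensitive permission exposes (real Android permission names).
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "precise GPS location",
    "android.permission.ACCESS_BACKGROUND_LOCATION": "location while app is not in use",
    "android.permission.ACTIVITY_RECOGNITION": "still / walking / running state",
    "android.permission.BODY_SENSORS": "body sensor data",
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
}

# Constructed sample input, decoded text form of AndroidManifest.xml.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.selfcheck">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.ACTIVITY_RECOGNITION"/>
  <uses-permission-sdk-23 android:name="android.permission.CAMERA"/>
  <uses-feature android:name="android.hardware.sensor.accelerometer"/>
</manifest>"""

def declared(manifest_xml, tags):
    """Return the android:name values of all elements with the given tags."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter()
            if el.tag in tags and el.get(ANDROID_NS + "name")}

def audit(manifest_xml, baseline=ROLE_BASELINE):
    """List (permission, reason) pairs that exceed the role baseline."""
    perms = declared(manifest_xml, ("uses-permission", "uses-permission-sdk-23"))
    return [(p, SENSITIVE.get(p, "outside role baseline; review manually"))
            for p in sorted(perms - baseline)]

def sensor_features(manifest_xml):
    """Motion sensors such as the accelerometer need no permission on
    Android, so declared sensor hardware features are reported separately."""
    return sorted(f for f in declared(manifest_xml, ("uses-feature",))
                  if f.startswith("android.hardware.sensor."))

if __name__ == "__main__":
    for perm, reason in audit(SAMPLE_MANIFEST):
        print(f"EXCESS  {perm}: {reason}")
    for feat in sensor_features(SAMPLE_MANIFEST):
        print(f"SENSOR  {feat}")
```

A declared sensor feature is only a hint: an app can read motion sensors without declaring one, so an empty result here does not rule out sensor use.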