According to The New York Times, the ToTok messaging app is actually a spy tool from the UAE. The app has already been installed on millions of smartphones and promoted as a simple and secure way to chat with friends and family via text or video – the downside is that the app's home country is known to restrict similar services like WhatsApp and Skype.
The newspaper states that the app is used by the UAE government to try to track every conversation, movement, relationship, appointment, sound and image of users who installed it on their phones.
To circumvent Chinese espionage, the country's military is prohibited from using the app.
The ToTok app, which isn't even a year old, has been downloaded millions of times from Google and Apple app stores by users in the Middle East, Europe, Asia, Africa, and North America. Many users of the app are located in the UAE, but this December it turned out to be one of the most downloaded messaging apps in the United States.
According to the newspaper, interviews and a forensic investigation showed that the ToTok app is the latest tool in the digital arms race among authoritarian governments. Governments are looking for increasingly effective and convenient methods to spy on foreign opponents, criminal and terrorist networks, journalists and critics around the world.
Experts say the app's development shows that governments can eliminate middlemen and directly spy on their targets, who end up voluntarily handing over their information by installing it.
The newspaper says the company behind the ToTok app, Breej Holding, is probably a front company affiliated with DarkMatter, an Abu Dhabi-based cyber intelligence and hacking company where Emirates intelligence officials, former Agency employees Security and former Israeli military intelligence agents work.
Newspaper sources say DarkMatter is being investigated by the FBI for possible cyber crimes. US intelligence analysis and technical analysis have also linked the ToTok app with Pax AI, an Abu Dhabi-based data mining company that also appears to be linked to DarkMatter.
Google and Apple have already removed the app from their respective stores.
Forensic analysis of the app by Patrick Wardle, who previously worked for the US National Security Agency and now works as a security researcher, indicates that it appears to be a copy of a Chinese messaging app called YeeCall.
On the surface, ToTok tracks users' locations by providing an accurate weather forecast. He looks for new contacts whenever the user opens the app, under the pretext that he is helping to connect with his friends. It has access to microphones, cameras, calendar and other data on users' phones. Even its name was clearly thought to be similar to another app, the Chinese TikTok.
Source: The New York Times