Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Google Removes Mideast Android App ToTok

For the second time within two months, Google has removed United Arab Emirates-developed messaging application ToTok from Google Play.

For the second time within two months, Google has removed United Arab Emirates-developed messaging application ToTok from Google Play.

At the end of December, the popular mobile application was removed from both the Google Play marketplace and Apple’s App Store, after The New York Times reported that the UAE government was using it to spy on users. 

Specifically, the software was reportedly allowing UAE to listen to conversations, track user movement, and access other information of people who had ToTok installed on their devices. 

At the time, Apple said the app was pulled pending a review, while Google said it removed it for a policy issue. 

By the end of December, the UAE’s Telecommunications Regulatory Authority denied the spying allegations, saying that such behavior was prohibited by law. 

Roughly a week later, after the Internet search giant concluded their investigation, ToTok was back on Google Play with a series of update. 

ToTok is no longer available in Google Play, as the Internet search giant removed it again on February 14, TechCrunch says. The application is not available in Apple’s App Store either. 

While analyzing the application, Objective-see security researcher Patrick Wardle discovered that it requested a variety of permissions that were supposedly needed for legitimate purposes, as one would expect from a messaging app, but also that it was engaging in some not so straightforward activity. 

Advertisement. Scroll to continue reading.

The researcher observed that, after installation, the app would attempt to upload all of the user’s contact list to a specific site, that it uploads media files to its servers in encrypted form, and that it also sends out the user’s exact location, if authorized to access it. 

Additionally, Wardle discovered that ToTok was largely composed of code from YeeCall. The code reuse is not surprising, especially since the app’s publisher, Breej Holding Ltd, is reportedly connected to Abu Dhabi-based cyber-intelligence and hacking firm DarkMatter

SecurityWeek has contacted Google for clarification on why ToTok was removed from the mobile application store, but had not received a reply at the time of publication.

Related: UAE Denies Developing Popular Mideast App as Spy Tool

Related: Popular Mideast App Accused of Spying Back on Google Play

Related: Popular Mideast App Pulled After Report it Was Spying Tool

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem