The popular, fast, and “secure” messaging app known as Totok is most likely a surveillance tool for the government of UAE, according to a US intelligence report.
The chatting app had 70,000+ positive reviews and was downloaded by millions of users before Google removed the app from the Google Play Store, followed by Apple’s App Store.
If you rely on ToTok for chatting with people, you should uninstall it immediately. According to the NYTimes, the app was being used by the UAE government to track users’ conversations, determine social connections, and sound/image of those who install it on their phones.
How was ToTok a UAE spy tool?
Analyzing the app, officials discovered that Breej Holding, the firm behind the app, is nothing but a front for DarkMatter, a hacking firm operated by former NSA employees and Israeli military intelligence operatives.
The US intelligence was also able to link ToTok with Pax AI, a data-mining firm linked with DarkMatter. Interestingly, Pax AI operates from the same UAE building as the country’s intelligence agency.
The CIA and UAE declined to comment on the matter. Meanwhile, NYTimes’ calls to Breej Holding went unanswered, and PaxAI didn’t respond to emails.
How ToTok mined personal data?
Apparently, ToTok had access to users’ microphones, cameras, calendars, and other phone data. Reportedly, the app tracked users’ locations on the pretext of offering an accurate weather prediction.
The messaging app looked for new contacts whenever the users opened the app, similar to how Instagram and Facebook try to bring in users’ friends.
Post the app’s release on July 27, the app became an instant hit among the UAE users. Online marketing also paid off in gaining more users. Last month, on BOTIM, another popular messaging app, users received a message to install ToTok.
Before the removal of the chat app, ToTok had over 600,000 downloads across Android and iOS. On top of that, the app was trending in stores in the US in the last few weeks.