A New York Times article has reported that the popular messaging app in the United Arab Emirates “ToTok” is a spying tool designed to help UAE intelligence officers to observe individual talks and activities.

In the UAE, a country where Western messaging apps like WhatsApp and Skype are partially blocked, ToTok was launched earlier this year and has been downloaded by millions. It promised “fast, free, and secure” calls and messages, and attracted users across the Middle East and beyond, even becoming one of the most popular social apps in the Country last week.

But, citing classified briefings from U.S. intelligence officials and their analysis, the NYT reports that ToTok is a way for the UAE government to spy on its people directly. Citizens who used the device exchanged texts, photos and videos, and even their location (allegedly monitored to provide weather updates) with information from Emirati intelligence.

You May Also Like:- Facebook Says Investigating Data Exposure of 267 Million Users

The New York Times reports that this is a new development of authoritarian regimes in the context of modern espionage. While many governments routinely hack phones from individuals, not many are setting up a legal system and simply asking for access to their data.

“In this approach, there is an elegance,” said security researcher Patrick Wardle, who performed ToTok’s independent forensic analysis. “You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what else do you need?”

The New York Times reports that the company running ToTok, Breej Holding, is most probably a front for DarkMatter, a cybersecurity firm based in Abu Dhabi. The software is also linked to Pax AI, a UAE data-mining firm that shares offices with the signals intelligence agency of the Emirates.

Google and Apple have removed the ToTok from the play store and App Store, so Breej Holding, DarkMatter and the UAE government still need to comment on the report in the New York Times. FBI also refused to comment. But a spokeswoman for the office told the Times, “It’s always a question of making consumers aware of the potential threats and weaknesses that such systems present while the FBI doesn’t comment anything about specific Apps.”