Report claims app tracks ‘conversation, movement, relationship, appointment, sound and image of those who install it’.

A chat and voice calling app is being used as a “spying tool” by the United Arab Emirates (UAE), a New York Times (NYT) investigation has revealed.

ToTok, an app released earlier this year, is tracking “every conversation, movement, relationship, appointment, sound and image of those who install it on their phones,” NYT investigators and American officials familiar with classified intelligence claimed in the report on Sunday.

The app has been downloaded millions of times through Google and Apple app stores in the Middle East, Europe, North America, Asia and Africa, according to the NYT.

Breej Holdings, the company behind ToTok, is likely to be a front company for cyber intelligence and hacking firm Dark Matter, the Times claimed, and is currently under investigation for cybercrimes by the Federal Bureau of Investigation (FBI).

The app has been removed from Google store [Screenshot]

Both companies had removed the app from their stores last week after NYT reporters contacted their representatives about the app’s link with the UAE state.

The report also linked ToTok to the artificial intelligence firm PAX AI, a data-mining firm based in Abu Dhabi, the UAE capital, with ties to Dark Matter.

A former National Security Agency (NSA) official, who performed a forensic analysis on the app for the Times, said ToTok appeared to be a duplicate of the Chinese app YeeCall.

The spokesmen for the Emirati government, PAX AI and Breej Holding all refused to respond to any of the NYT’s queries.

The UAE has been under scrutiny for conducting surveillance operations on its critics, helped by cybersecurity companies and experts linked to Israel and the United States.

Reports this year revealed how a group of former NSA operatives and other elite US intelligence veterans helped the UAE spy on a wide range of targets through the previously undisclosed programme — from “terrorists” to human rights activists, journalists and dissidents.

According to a NYT report last year, the UAE asked the Israeli cybersecurity firm NSO group to hack into the phones of the Qatari emir and a Saudi prince among other political and regional rivals.

The spyware was also implicated in the gruesome killing of journalist Jamal Khashoggi, who was dismembered in the Saudi consulate in Istanbul last year.

Several alleged targets of the spyware, including a close friend of Khashoggi and several Mexican civil society figures, are currently suing NSO in an Israeli court over the hacking.

Source — https://www.aljazeera.com/news/2019/12/calling-app-totok-spying-tool-uae-report-191223054344039.html