Apple Pulls Emirati Chat App ‘ToTok’ From App Store for Allegedly Spying on Users

Apple has removed messaging app "ToTok" from the App Store after an investigation by the New York Times concluded that the app was actually a spying tool being used by the United Arab Emirates government to mass surveil its citizens.


According to the report, which cites U.S. officials familiar with a classified intelligence assessment, the app was being used to mine data from users' contact lists and track locations by offering a localized weather forecast.

ToTok's privacy policy notes that it "may share your personal data with group companies," but it turns out that the app is linked to Abu Dhabi-based cybersecurity firm DarkMatter, which is under investigation by the FBI for possible cybercrimes. A U.S. intelligence assessment also linked ToTok to Pax AI, an Abu Dhabi-based data mining firm.

In the time that it was available on the App Store and the Google Play store, the app was downloaded by millions of users in the Middle East, North America, Europe, Asia and Africa. The app was particularly popular in the UAE, where other messaging apps like WhatsApp and Skype are partially blocked. Users who installed the app on their devices are being advised to remove it, as any surveillance capacity could still potentially operate unhindered.

The UAE has reportedly been using surveillance technology to crack down on internal dissent in the country, including hacking Western journalists and holding human rights activists in solitary confinement over Facebook posts.

It's not the first time we've heard reports that apparently legitimate apps are being used as fronts for governments to spy on their citizens. An October report from the Open Technology Fund (OTF), an initiative funded by the U.S. government, revealed that an "educational" app teaching the Chinese Communist Party's policies includes code that amounts to a backdoor into users' Android devices.

A separate report elaborating on the findings said that the app, known as "Study Xi, Strong Nation," essentially gives the Chinese government the capacity to determine "the location of every citizen at any single point in time."



This article, "Apple Pulls Emirati Chat App 'ToTok' From App Store for Allegedly Spying on Users" first appeared on MacRumors.com


Researchers and Hackers Use Rare Dev-Fused Prototype iPhones to Unlock Security Secrets

If you've ever wondered how security researchers and hackers manage to bypass Apple's protections and security features to uncover iPhone vulnerabilities and other sensitive info, Motherboard is out today with a new report that has an answer.

Hackers and security researchers use rare "dev-fused" iPhones created for internal use at Apple. These dev-fused iPhones have not finished the production process and have many security features disabled. Motherboard describes them as "pre-jailbroken devices."

A dev-fused iPhone image shared with Motherboard by collector Giulio Zompetti

Dev-fused iPhones are smuggled out of Apple and can sell for thousands of dollars on the gray market. These iPhones are incredibly valuable because they can be used to locate vulnerabilities that also affect release versions of the iPhone.

On the back of dev-fused iPhones seen by Motherboard, there's a QR-code sticker, a separate barcode, and a decal that says "FOXCONN," referring to the factory that makes iPhones and other Apple products. Otherwise, the phones look like normal iPhones. That standard iPhone experience ends when the phone is turned on. When booted up, you briefly see a command line terminal. And then when it loads, gone are the sleek icons and colorful backgrounds of iOS.

Motherboard spent months researching dev-fused iPhones, talking to more than two dozen sources ranging from security researchers and Apple employees to rare phone collectors and jailbreakers, and found that researchers, hackers, and high-profile companies like Cellebrite or GrayKey use these dev-fused iPhones to uncover bugs that can later be exploited by law enforcement agencies.

A dev-fused iPhone was, for example, used in 2016 to study the Secure Enclave Processor, and security researchers were able to uncover valuable details on how it works. These dev-fused iPhones are stolen property and illegal to possess, but are apparently "widely used" in the iPhone hacking scene.

"If you are an attacker, either you go blind or with a few thousand dollars you have all you need," Luca Todesco, one of the most well-known iOS security researchers in the world, told Motherboard, referring to people who buy dev-fused iPhones. "Some people made the second choice."

Motherboard was able to find someone on Twitter who sells dev-fused iPhones, with a dev-fused iPhone X priced at around $1,800. The seller said that he's provided dev-fused iPhones to several security researchers and that he believes major security firms that hack iPhones also use them. Other sellers offer dev-fused iPhones at higher prices, and Motherboard found an iPhone XR priced at $20,000.

Dev-fused iPhones are paired with a proprietary Apple cable called Kanzi, which can cost upwards of $2,000 and, when plugged into a Mac, provides access to internal Apple software that offers root access to the phone.

Most of these devices seem to be stolen from and smuggled out of factories like Foxconn in China. Apple is apparently "well aware" of the fact that dev-fused devices are available. Apple has "ramped up efforts" to keep these devices from leaving Foxconn and does go after dev-fused iPhone sellers.

Motherboard's full report can be read over on the Motherboard website, and it is a fascinating look at the world of iPhone hacking for anyone who is interested in how iPhone vulnerabilities are uncovered.


This article, "Researchers and Hackers Use Rare Dev-Fused Prototype iPhones to Unlock Security Secrets" first appeared on MacRumors.com


Melbourne Teen Pleads Guilty to Hacking Apple Servers and Accessing Customer Accounts

A Melbourne schoolboy has pleaded guilty to hacking into Apple's secure network after the company notified authorities of the intrusion (via The Age).

The teen, who can't be named for legal reasons, appeared at an Australian Children's Court on Thursday facing allegations of hacking into Apple's servers on multiple occasions.

Details of the case are still sketchy, but the boy's hacking is said to have begun at the age of 16, and included downloading tens of gigabytes of secure files and accessing "authorized keys" that grant login access to users.

The boy is said to have attempted to hide his identity using a number of methods including "computerized tunnels", a system which had "worked flawlessly" until the teen was caught.

That chain of events began when Apple apparently detected the unauthorized access and blocked the source of the intrusions. It subsequently notified the FBI, which passed on the information to the Australian Federal Police, resulting in a warrant being executed at the family home last year.

Prosecutors said the raid turned up a "litany of hacking files" on a laptop computer and hard drive, as well as a mobile phone with an IP address that matched the source of the intrusions.

The boy's lawyer said the teen was a fan of the company and had "dreamed of" working for Apple. His lawyer also asked the magistrate's court not to disclose some of the details of the case because the boy is well-known in the hacking community and it could put him at risk.

The magistrate's court acknowledged the guilty plea, and the case has been adjourned until next month for sentencing.

