The New York Times reported that the app — which is branded as a secure messaging service even in the UAE that has restricted other services like WhatsApp and Skype — is used by the Emirati government to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their cell phones.
According to the report, millions of users across the Middle East, Europe, Asia, Africa and North America downloaded ToTok, which was introduced recently, from the Apple and Google app stores.
Most of the users of the application are in the UAE, but the service became one of the most downloaded social apps in the United States last week, according to app rankings and App Annie, a research firm.
The NYT cited its investigation into the app and its developers, and interviews with current and former American foreign officials familiar with the classified intelligence assessment as saying that “ToTok amounts to the latest escalation in a digital arms race among wealthy authoritarian governments” which are pursuing more effective methods to spy on foreign foes, journalists and critics.
The report said Persian Gulf countries such as Saudi Arabia and the UAE previously turned to private companies — including Israeli and American contractors — to hack rivals and, increasingly, their own citizens.
The American daily cited experts as saying that the development of ToTok showed that the governments can cut out the intermediary to spy directly on their targets, who voluntarily, if unwittingly, hand over their information.
Patrick Wardle, a former National Security Agency hacker who works as a private security researcher and who has conducted a forensic analysis for The Times, said the application appears to have been relatively easy to develop.
“There is a beauty in this approach,” said Wardle, now a security researcher at Jamf, a software company.
“You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what more intelligence do you need?” he added.
UAE used Israeli spyware to target regional rivals: ReportThe UAE is reportedly using an Israeli phone-hacking program to spy on several Arab figures, among them the Qatari emir, Lebanese premier and a Saudi prince.
A technical analysis and interviews with computer security experts found that the developer of ToTok, Breej Holding, is most likely a front company affiliated with the Abu Dhabi-based cyberintelligence and hacking firm, DarkMatter, which is under FBI investigation for possible cybercrimes.
Emirati intelligence officials, former National Security Agency employees and former Israeli military intelligence operatives work for DarkMatter.
The American intelligence assessment and the technical analysis also linked ToTok to Pax AI, an Abu Dhabi-based data mining firm that appears to be tied to DarkMatter.
Pax AI’s headquarters operate from the same Abu Dhabi building as the UAE’s signals intelligence agency, which until recently was where DarkMatter was based.
The New York Times said one person familiar with the American intelligence assessment said that US officials have warned some allies about the dangers of ToTok.
The UAE’s ruling family portrays the country as an example of a modern and moderate Arab nation, but it has been at the forefront of using surveillance technology to crack down on internal opposition, including hacking Western journalists, emptying the banking accounts of critics, and holding human rights activists in prolonged solitary confinement over Facebook posts.