Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due to claims that it was being used for government espionage.
ToTok, a social app that was released in 2019 and has been downloaded by millions, gained rapid popularity in the United Arab Emirates (UAE) where other messaging platforms like WhatsApp and Skype are partially restricted. But despite the app’s popularity, it was quickly take down from Google Play and the Apple App Store after a report from the New York Times in December claimed that the app is actually being used by the government of the United Arab Emirates as a spy tool used to track users’ conversations and location.
However, on Friday, ToTok said in a website update that the app is once again available on Google Play: “The wait is over. We are happy to inform you that #ToTok is now available for download on the Google Play Store. Thank you for your patience.”
Google had originally told the New York Times that it removed the app because it “violated unspecified policies.” When asked why the app was returned to Google Play, a Google spokesperson told Threatpost that “we take reports of security and privacy violations seriously. If we find behavior that violates our policies, we take action.”
The app appears to be updated on Google Play; under a “What’s New” tab on the Google Store app page, ToTok says there is now a newly-designed dialog to ask for user authorization for accessing and syncing their contact lists.
The app remains unavailable on the App Store. Apple did not respond to requests for comment from Threatpost.
According to the New York Times report, the developer behind the app, Breej Holding, is likely a “front” for a company affiliated with Abu Dhabi-based hacking company DarkMatter. According to the report, the app is able to track user location through offering a weather forecast tool, as well as access to contacts, device microphones, calendars and cameras.
The report based claims on an investigation into the app and its developers, as well as American officials “familiar with a classified intelligence assessment. A further forensic analysis was conducted by the New York Times in connection with security researcher Patrick Wardle, who was formerly a National Security Agency hacker.
ToTok has repeatedly refuted the claims as “vicious rumors” on its website. Threatpost has reached out for further comment.
“We firmly deny this baseless accusation, and we are profoundly saddened by this complete fabrication that was thrown at us. We feel caught up in some vile conspiracy against the UAE, and even jealousy by some people, who do not wish an app like ours from this region to ever become a global player,” ToTok’s co-founder Giacomo Ziani said in a recent interview with the Khaleej Times.
In separate reports on Monday, security experts such as Kim Zetter also claimed to be approached by ToTok asking to send out positive, sponsored tweets about ToTok. “Google allowed ToTok back into its Google Play store over the weekend, despite the fact that the intel community insists the chat app is a spy tool for the UAE and ToTok is trying to bribe journalists into saying good things about it,” she said in a tweet.
https://twitter.com/kimzetter/status/1214209558496731140
The potential use of messaging platforms, such as WhatsApp and Telegram, for government spying has been a constant concern over the past year. An exploit of a WhatsApp zero day in 2019, for example, raised concerns after it allowed hackers to inject spyware onto victims’ phones in targeted campaigns.
Concerned about mobile security? Check out our free Threatpost webinar, Top 8 Best Practices for Mobile App Security, on Jan. 22 at 2 p.m. ET. Poorly secured apps can lead to malware, data breaches and legal/regulatory trouble. Join our experts to discuss the secrets of building a secure mobile strategy, one app at a time. Click here to register.
