In the United Arab Emirates (UAE), popular messaging services that might be used in other parts of the world, like Skype and WhatsApp, are restricted. A homegrown alternative called ToTok was designed and released to the public. It was heavily downloaded in the Middle East and eventually by people all around the world in Europe, Asia, Africa, and North America. The catch with ToTok is that while it was a messaging app, it was also a tool used by the UAE government to spy on all who used it.
ToTok became one of the most downloaded social apps in the U.S. last week, according to research firm App Annie. The app was developed by a company called Breej Holding, which is most likely a front company affiliated with DarkMatter reports The New York Times. NYT says that DarkMatter is an Abu Dhabi-based cyberintelligence and hacking firm that counts among its staff former Emirati intelligence officials, former NSA employees, and former Israeli military intelligence operatives.
Currently, DarkMatter is under investigation for possible cybercrimes, and the company has also been linked to Pax AI, a data-mining firm based in Abu Dhabi.
ToTok was available on both the Google Play Store and the Apple App Store. Both Apple and Google said they were conducting investigations when the NYT reached out to them. Google pulled ToTok from the Play store last Thursday for violating unspecified policies. Apple removed the app from the store on Friday and was researching the app. ToTok is said to be a slightly customized version of an app from China called YeeCall, with tweaks for Arabic and English audiences.
It's unclear if the app allowed the UAE to record videos or calls. Both Google Play and the App Store have had issues keeping nefarious apps off their stores. In late October, an adware campaign using malicious apps caught millions of Android users.