If you've been using ToTok on any of your devices, you should consider uninstalling it immediately. The new messaging platform that was one of the most downloaded apps last week was swiftly removed from the Google Play Store (and Apple's App Store) before the end of Friday. The abrupt decision came after American officials declared the service was actually spyware backed by the United Arab Emirates government.
According to researchers, ToTok's messaging business model is a facade designed to document extremely personal information about its users, including conversations, movements, relationships, appointments, sounds, and photos. Before the app was removed from online stores, it had received millions of downloads from smartphone owners living in North America, the Middle East, Europe, Asia, and Africa. Computer experts believe that the app developer behind ToTok, Breej Holding, is closely associated with DarkMatter, a cyber intelligence and hacking agency based in Abu Dhabi that is already under investigation by the FBI.
Although the ToTok app has been removed from the two largest application stores on the planet, the app itself has not been shut down. Users that already have ToTok installed on their phones can continue to use the app for the foreseeable future. However, ToTok will no longer receive app updates through the Play Store, not that it matters. Being that the app is likely a tool used to collect personal data, you may want to consider removing ToTok from your device altogether.
The makers of ToTok released a statement today, acknowledging these allegations but doing nothing to refute the claims made against it. The developer believes its absence from app stores is a temporary obstacle "due to technical issues," and it is working with Google and Apple to address concerns in hopes that ToTok will be available for download again soon. You can read the entire statement at the link below.
ToTok has released a follow-up statement that continues to dance around the claims that its app is spyware. In the statement, ToTok cofounders Giac and Long first misrepresent criticism of the app, asserting that the problems uncovered by the New York Times were simply that ToTok "tracks the personal appointments of its users" and that the app is "a spy tool built by the Israeli intel officers." Neither of these accurately convey the full nature of the complaints at hand — the contention of tracking personal appointments is a downplay of the true allegations, that the information was being captured for the UAE government. And while the firm behind ToTok has been linked to DarkMatter, with ex-Israeli military on staff, its ties to the intelligence community also include Emirati and US interests. ToTok implying that the allegations are of the UAE governments and Israeli governments are in cahoots is itself a farcical way of discrediting criticism.
Giac and Long go on to call the allegations "absurd" and assert that they built the app "with user security and privacy as our priority." They attempt to prove this by stating they had a former NSA agent do a "technical analysis," but provide none of the former agent's findings other than that he found the app "simply does what it claims to do, and really nothing more."
This statement does little to disprove the contention that the messaging app was pulling sensitive information from users for the United Arab Emirates government, and it does even less to prove that the ToTok team can be trusted at all. The full blog post is linked below.