Last December, a report from the New York Times detailed how a chat app gaining traction around the world was actually being used as a spying tool by the United Arab Emirates (UAE). While ToTok was initially removed by Apple and Google, the Play Store later restored the messaging service. The Android app today looks to have been pulled again.
As of Friday afternoon, ToTok no longer appears on the Play Store when searching — though there are a number of clones — or visiting the listing directly. Citing a classified intelligence assessment by American officials, the Times last year investigated the close ties between ToTok’s developers and the UAE’s intelligence agency.
One digital security expert in the Middle East, speaking on the condition of anonymity to discuss powerful hacking tools, said that senior Emirati officials told him that ToTok was indeed an app developed to track its users in the Emirates and beyond.
ToTok was allegedly used by the country to “track every conversation, movement, relationship, appointment, sound, and image of those who install it on their phones.” This approach presents governments with a more direct form of surveillance that does not require comprising a target’s accounts or devices.
The app was billed as a straightforward messaging service with text, voice, and video calling. It’s been downloaded in the Middle East, Africa, Asia, Europe, and North America, with the Android version noting over 10 million downloads. Locally, the app is popular because it’s not blocked like other well-known services.
ToTok was removed from the App Store and Google Play before the NYT published its piece on December 22. The latter noted how ToTok violated the store’s policies, but did not specify further. On January 4, the application returned to the Play Store, but Google did not explain why it was let back in.