An ISIS-supporting cybersecurity group that launched cloud and chat platforms last month warned followers that their Android downloads could be leaving them “vulnerable to penetration and targeting.”
The Electronic Horizons Foundation, which launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists, regularly issues cyber news, guidelines and advisories such as an “important warning” earlier this year telling supporters that “spies of intelligence agencies are using a new method to track down supporters through Google Play Store” — specifically, a custom app that “collects identifiable information of android phones.”
Their new alert lists the Play Store as an authoritative source for downloads and tries to steer ISIS supporters away from less reputable download sources.
“A widespread danger and threat, which we have repeatedly warned from, which is downloading applications in APK [Android Package Kit] format from unknown sources,” said the new alert, which was posted on the group’s website in Arabic, English, and French. “The curse of corrupted files targeting the munasirin [supporter] has spread, and most of those who fall into the traps of this matter are simple munasirin, who do not have technical experience in examining corrupted or suspicious files.”
“Based on the risks, threats, and news of the breaches caused by the scourge of corrupted apps, and affecting many munasirin, we warn against downloading apps in APK format from channels, groups, and Telegram accounts in general,” the EHF continued. “And we advise our brothers to download known or required apps from their official sources, either through an official website of the application to be downloaded, through the F-droid.org store or the Google Play Store.”
“As for permitting the downloading or installation of applications from Telegram and from third parties, they are vulnerable to penetration and targeting, so be careful, and Allah is the best guardian,” the alert added.
EHF announced last month that they launched their own cloud and chat platforms to help churn out new propaganda and allow followers of the terror group to better “close ranks” online.
“In light of recent developments in the media arena and the restriction of technology companies to content, we resorted to developing solutions that provide a space for propagation between the fellow supporters and the general Muslim community, so that the benefits may prevail,” the Electronic Horizons Foundation said in its announcement posted online. “We developed the ‘Horizons Cloud Platform’ for advocates to use to upload and publish files on the Internet.”
The group also developed an Element-based messaging and chat hub “to provide publishing rooms and continuous follow-up for news and content as an initiative to close ranks, and a starting point for the development of media work, Insha Allah.”
EHF released a 24-page cybersecurity magazine for ISIS supporters last May that walks jihadists through step-by-step security for smartphones — while encouraging them to use a computer instead for more secure terror-related business — and warns of “nightmare” Microsoft Windows collecting user data from geolocation to browsing history.
In a mid-April alert, EHF warned against using Bitcoin “for financial transactions and money transfer, as Bitcoin logs the financial records and transactions on the Blockchain, which is a database of Bitcoin transactions, and allows tracking of transfers from the sender and receiver.”
“We also warn that the money transfer services and sites (exchanges) to Bitcoin logs IP addresses and the purchase data of (Bitcoin currency), and these sites also cooperate with government agencies,” the cyber group continued, advising “our brothers to follow the maximum possible security measures” and warning against “using common methods in financial transactions.”