Saturday, January 28, 2023

ISIS IT Group Warns of Vulnerability of Google Play Store Messaging App

An ISIS-supporting cybersecurity group warned followers of the terror group that installing a Google Play app would leave them vulnerable to surveillance by intelligence agencies.

The alert was issued by the Electronic Horizons Foundation, which launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists.

EHF released a 24-page cybersecurity magazine for ISIS supporters last May that walks jihadists through step-by-step security for smartphones — while encouraging them to use a computer instead for more secure terror-related business — and warns of “nightmare” Microsoft Windows collecting user data from geolocation to browsing history.

The new EHF “important warning” distributed online told supporters that “spies of intelligence agencies are using a new method to track down supporters through Google Play Store.”

“One of the spies,” EHF said, uploaded a custom app that “collects identifiable information of android phones.”

“Then he targets and communicates with supporters by claiming that they have received a money transaction, and they need to install the application in order to receive it,” the alert continued. “Beware of installing or using suspicious apps promoted by unknown individuals, whether it’s an APK file or uploaded to app stores. Intelligence mercenaries are trying to use users’ trust in the app store in order to target supporters using malicious apps uploaded to the app store.”

The app named by EHF is advertised on Google Play as a highly secure messaging app with end-to-end encryption. Concerned about the security of their information on social media and Telegram messenger, EHF recently has been trying to steer ISIS followers toward using the Element messenger.

EHF last year urged followers to use alternate operating systems such as Qubes, Tails or Whonix. The ISIS cyber group has also highlighted “wrong security practices” including browsing the internet without Tor or VPN, downloading apps from third-party sources, failing to encrypt the device or storage devices, neglecting to install security updates, failing to use fake credentials on social media, and using social media via apps instead of logging on through a browser. Jihadists have also been warned against opening potentially malicious links that can open them to a security breach.

In fall 2019, EHF announced a new project called the Talaea Al-Ansar Foundation, intended to better develop the cyber skills of jihadists, in conjunction with Bank al-Ansar, an ISIS propaganda outlet that claims to have set up ISIS supporters with thousands of Facebook and Twitter accounts — relieving the online jihadists from having to use personal information to register on the social media services.

The foundation, billed as an “educational foundation which aims to train and develop the technical and media skills of Ansar Al-mujahideen on the internet,” also pitched “coordination with specialists in media and technology fields” and supporting online jihadists with “materials and the required tools.” They also vowed to focus on “spreading security awareness” through “different methods to face the security threats which target us” in jihadist circles.

In June 2019, the EHF highlighted the vulnerability of some million devices to the “BlueKeep” Microsoft flaw dubbed “potentially wormable” by the National Security Agency.

The EHF has also released a series of print and video tutorials covering a range of mobile security and dark-web how-tos for fellow ISIS supporters, along with weekly tech bulletins to educate ISIS followers about current cybersecurity trends and vulnerabilities.

Bridget Johnson
Bridget Johnson is the Managing Editor for Homeland Security Today. A veteran journalist whose news articles and analyses have run in dozens of news outlets across the globe, Bridget first came to Washington to be online editor and a foreign policy writer at The Hill. Previously she was an editorial board member at the Rocky Mountain News and syndicated nation/world news columnist at the Los Angeles Daily News. Bridget is a terrorism analyst and security consultant with a specialty in online open-source extremist propaganda, incitement, recruitment, and training. She hosts and presents in Homeland Security Today law enforcement training webinars studying a range of counterterrorism topics including conspiracy theory extremism, complex coordinated attacks, critical infrastructure attacks, arson terrorism, drone and venue threats, antisemitism and white supremacists, anti-government extremism, and WMD threats. She is a Senior Risk Analyst for Gate 15 and a private investigator. Bridget is an NPR on-air contributor and has contributed to USA Today, The Wall Street Journal, New York Observer, National Review Online, Politico, New York Daily News, The Jerusalem Post, The Hill, Washington Times, RealClearWorld and more, and has myriad television and radio credits including Al-Jazeera, BBC and SiriusXM.
