NewApp Digest
search bot

UAE

silver Android smartphone
AppWizard
February 11, 2026

UK-based pair behind messaging app accused of giving data to Iranian regime

Hadi and Mahdi Anjidani, co-founders of TS Information Technology, operate a messaging app called Gap Messenger, which is associated with the Iranian regime. Their company is based in Shoreham-by-Sea, West Sussex, and is linked to the Iranian software corporation Towse’e Saman Information Technology (TSIT). Despite claims of encryption and user privacy, experts have raised concerns about Gap Messenger's role in government censorship in Iran. Mahdi Anjidani has expressed pro-regime views in Iranian media and has connections to the Iranian government through his ventures. Gap Messenger has over 1 million downloads on Google Play and is part of Iran's domestic internet network aimed at controlling citizen access to information. Reports suggest that the app may have shared user data with Iranian authorities. The Anjidani brothers have ties to various business ventures in Iran, including a social network and a payment platform.
Minecraft update today (9th December): What changes in the Mounts of Mayhem patch notes?
AppWizard
December 11, 2025

Minecraft update today (9th December): What changes in the Mounts of Mayhem patch notes?

The Minecraft "Mounts of Mayhem" update is set to be released on Tuesday, December 9th, at approximately 4 PM GMT. The update will introduce new features including camel husks, skeletons riding camels, a new weapon called the spear with jabbing and charging attacks, the Spear Lunge enchantment, a new neutral mob called Nautilus that can be ridden underwater, zombie nautilus with drowned enemies, zombie horses ridden by zombies, significant improvements to horse mechanics allowing them to swim, and the ability to craft Netherite horse armor. Expected launch times in various time zones include 8 AM PST, 9 AM MST, 10 AM CST, 11 AM EST, 1 PM BRT, 5 PM CET, 6 PM SAST, 8 PM GST, 12 AM SGT (December 10th), 1 AM JST (December 10th), 3 AM AEDT (December 10th), and 5 AM NZDT (December 10th).
You Can’t Delete This Samsung App—And It Might Be Spying on You
AppWizard
November 17, 2025

You Can’t Delete This Samsung App—And It Might Be Spying on You

Samsung faces criticism for allegations that certain budget-friendly Galaxy A and M smartphones are preloaded with unremovable spyware, particularly affecting users in the Middle East and North Africa. The Lebanese digital rights organization SMEX has highlighted a pre-installed application called AppCloud on some Galaxy A and M devices sold in Saudi Arabia, the UAE, and Egypt. AppCloud, developed by ironSource, collects sensitive user data without explicit consent during device setup and is difficult to uninstall, often reinstalling after a device reset. Concerns have been raised about its potential use for surveillance and targeted cyberattacks, especially in politically sensitive areas. SMEX has called for increased transparency from Samsung, which has not yet responded. Independent research validating these claims about AppCloud's impact on privacy is currently lacking.
Google app possibly hints at the launch of Samsung's tri-fold phone
AppWizard
October 29, 2025

Google app possibly hints at the launch of Samsung’s tri-fold phone

Samsung's tri-fold phone has been referenced in Google's Android app, hinting at a potential launch before the end of October. Speculation suggests it may initially launch outside the U.S., possibly in South Korea, the greater Chinese market, and the UAE, with an unveiling date set for October 31. The app code includes the "tri-fold" label alongside a 2025 timeframe, indicating a broader strategy for future releases. The official name of the device is not confirmed, but it is expected to include "tri-fold" and likely carry the Galaxy branding.
New Android Spyware Targeting Users by Imitating Signal and ToTok Apps
AppWizard
October 3, 2025

New Android Spyware Targeting Users by Imitating Signal and ToTok Apps

ESET researchers have identified two Android spyware campaigns targeting users in the UAE, disguised as messaging applications Signal and ToTok. The first spyware family, Android/Spy.ProSpy, poses as upgrades for these apps, while the second, Android/Spy.ToSpy, specifically targets ToTok users. Both malware families were not found on official app stores and were distributed through phishing websites. The ProSpy campaign, active since 2024, uses deceptive sites to offer malicious APK files as enhancements. The ToSpy campaign, identified since mid-2022, targets ToTok backup files and has ongoing operations. Both spyware types collect extensive data, including contacts and SMS messages, and maintain persistent background operations. Google Play Protect offers some defense against these threats, and users are advised to avoid unofficial app installations.
Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal
AppWizard
October 2, 2025

Android spyware disguised as legitimate messaging apps targets UAE victims, researchers reveal

Cybersecurity researchers have discovered two families of Android spyware that impersonate messaging applications Signal and ToTok, linked to campaigns named ProSpy and ToSpy. ToTok was discontinued in 2020 after being identified as a surveillance tool for the UAE government, but the spyware is disguised as an enhanced version called ToTok Pro. The spyware requests extensive permissions upon installation and exfiltrates sensitive data. It was distributed through third-party websites posing as legitimate services, with confirmed detections in the UAE, indicating a targeted operation. The spyware campaigns primarily aim at privacy-conscious residents in the UAE, as suggested by the domain name ending in “ae.net.”
Researchers uncover spyware targeting messaging app users in the UAE
AppWizard
October 2, 2025

Researchers uncover spyware targeting messaging app users in the UAE

Recent investigations by cybersecurity firm ESET revealed that new spyware campaigns in the UAE are targeting messaging apps. Two Android spyware campaigns, named ProSpy and ToSpy, are disguised as popular communication tools—Signal and ToTok. These spyware programs infiltrate devices through deceptive websites and unofficial app stores, enabling the theft of sensitive data such as files, contacts, and chat backups. The spyware reloads legitimate apps to create an illusion of authenticity. ESET identified command-and-control servers indicating that the ToSpy campaign is still active, and these spyware-laden apps can only be installed manually via third-party websites. The ToSpy malware was detected in June, with origins traced back to 2022, while the ProSpy campaign was also identified in June, potentially starting in 2024. Both campaigns utilize malicious Android Application Packages (APKs) disguised as enhancements to original applications.
Signal Messenger Impersonated in 'ProSpy' Android Spyware Campaign
AppWizard
October 2, 2025

Signal Messenger Impersonated in ‘ProSpy’ Android Spyware Campaign

ESET researchers have identified two Android spyware campaigns, ProSpy and ToSpy, which masquerade as secure messaging apps, Signal and ToTok. These malware families were first detected in June 2025 and are distributed through phishing websites and fake app marketplaces. ProSpy, which mimics a “Signal encryption plugin” or an enhanced ToTok, extracts sensitive user information, including SMS messages, contacts, and device metadata, after gaining permissions. It disguises itself as “Play Services” to avoid detection. ToSpy, discovered concurrently, seeks to capture specific files related to ToTok backups and collects various document types. Both malware types maintain long-term access to infected devices and have been reported to Google, resulting in Play Protect blocking their known variants. The main targets of these campaigns are users in the United Arab Emirates.
ESET Research discovers new spyware posing as messaging apps targeting users in the UAE
AppWizard
October 2, 2025

ESET Research discovers new spyware posing as messaging apps targeting users in the UAE

ESET Research has identified two new families of Android spyware: Android/Spy.ProSpy and Android/Spy.ToSpy. These malware campaigns target users of secure communication apps, specifically Signal and ToTok, and are distributed through deceptive websites and social engineering, primarily focusing on residents of the United Arab Emirates (UAE). Android/Spy.ProSpy pretends to be upgrades for the Signal and ToTok apps, while Android/Spy.ToSpy targets ToTok users exclusively. Both spyware families require manual installation from unofficial sources, as they are not available in official app stores. The ProSpy campaign was first noted in June 2025 but is believed to have been active since 2024, using misleading websites to distribute malicious APKs. ESET's findings indicate that the ToSpy campaigns are still ongoing, with command and control servers still operational. The spyware collects sensitive data, including contacts, SMS messages, and files, once installed. Users are advised to be cautious when downloading apps from unofficial sources and to avoid enabling installations from unknown origins.
Search