An Israeli tech firm has quietly embedded spyware into Samsung smartphones - and it poses a serious surveillance threat
Original article from May: https://smex.org/open-letter-to-samsung-end-forced-israeli-app-installations-in-the-wana-region/
I’m grateful the canary exists and covers a lot of underreported stuff that needs a “canary” to ring the alarm bell.
I do think they could do with sensationalising and exaggerating a little less in their titles though.
They should call it WANACry when it gets used for extortion.
The app’s privacy settings claim that users can disable this data collection by turning off “AppCloud” in the app list. But, according to SMEX, deletion requires the user to submit a form that does not exist, making it impossible to fully remove, at least without advanced technical expertise.
Hm, I just uninstall AppCloud no problem in a non-rooted, stock android in and from the region.
It also showed the URI or whatever of com.something.aura.However, can’t find any Aura app.
Looks like Aura app gets installed by AppCloud. I’m a bit frustrated I can’t find a list of apps known to be installed by AppCloud, or that include this *.aura.* URI. I mean this should be relevant for a shit ton of people and could be easily crowdsourced.
Some more information:
I looked at four different Samsung phones today (physically in the region). 2x phones bought in Europe. 2x phones bought in the region.
All non-rooted, stock android.
None of the phones had Aura installed. Two of them had AppCloud installed (one EU phone, one phone from the region) and it couldn’t be disabled as easily as the other phone. (I haven’t tried ADB, etc. yet, just the standard uninstallation procedure).
From another article - the app is called "Aura:
The app in question allows access to users’ data, including sensitive information such as IP addresses, device fingerprints, and personal details, enabling the identification and geographical location of the phone’s owner
If I rooted my phone can I somehow remove them(maybe with adaway and canta)??
But tbh I will never buy a Samsung again.Edit: I don’t think you need root to remove it.
I am not a professional, but i would say you can probably remove the App, BUT with just removing the App it might still be somewhere on the phone on a deeper level that you cannot really see right away and is hard to trace.
The article is also ridiculous… even the hidden Facebook installer (and alternatives) etc. could do all that. So the components that can only be removed with root access… This is about Israel, which specializes in this… as if they were developing spyware that is listed as an app…
Always root if in doubt. Even that is not enough sometimes, but it usually is.
I unlocked my bootloader and rooted anyways after that no longer can unlock bootloader thingy.
That’s a joke, right? So you can be sure that more data is being spied on and that firmware itself is equipped with backdoors…
So the data mentioned in the article… if you’re authorized to do so, you just need to buy it from the nearest data broker…Spyware as a listed app… from isreal? Common we dont talk about noobs.
This info actually dropped months ago but it didnt get much mainstream coverage i think.
Cellebrite, NGO, Paragon. Then you only need to think about the pager story…
If Aura wasn’t supposed to be discovered, it certainly wouldn’t have been stored as an app. That’s all I wanted to say.
