this post was submitted on 09 Nov 2025
192 points (99.5% liked)

Privacy

3179 readers
231 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
192
EXPOSED: Samsung phones in West Asia/North Africa (WANA) region embedded with 'unremovable' Israeli spyware (www.thecanary.co)
submitted 1 month ago* (last edited 1 month ago) by Blaze@piefed.zip to c/privacy@programming.dev
9 comments fedilink hide all child comments
 

An Israeli tech firm has quietly embedded spyware into Samsung smartphones - and it poses a serious surveillance threat

Original article from May: https://smex.org/open-letter-to-samsung-end-forced-israeli-app-installations-in-the-wana-region/

top 9 comments
sorted by: hot top controversial new old
[–] GreenShimada@lemmy.world 40 points 1 month ago

From another article - the app is called "Aura:

The app in question allows access to users' data, including sensitive information such as IP addresses, device fingerprints, and personal details, enabling the identification and geographical location of the phone’s owner

[–] adhd_traco@piefed.social 14 points 1 month ago* (last edited 1 month ago) (1 children)

The app’s privacy settings claim that users can disable this data collection by turning off “AppCloud” in the app list. But, according to SMEX, deletion requires the user to submit a form that does not exist, making it impossible to fully remove, at least without advanced technical expertise.

Hm, I just uninstall AppCloud no problem in a non-rooted, stock android in and from the region.
It also showed the URI or whatever of com.something.aura.

However, can't find any Aura app.

Looks like Aura app gets installed by AppCloud. I'm a bit frustrated I can't find a list of apps known to be installed by AppCloud, or that include this *.aura.* URI. I mean this should be relevant for a shit ton of people and could be easily crowdsourced.

[–] adhd_traco@piefed.social 2 points 1 month ago

Some more information:

I looked at four different Samsung phones today (physically in the region). 2x phones bought in Europe. 2x phones bought in the region.

All non-rooted, stock android.

None of the phones had Aura installed. Two of them had AppCloud installed (one EU phone, one phone from the region) and it couldn't be disabled as easily as the other phone. (I haven't tried ADB, etc. yet, just the standard uninstallation procedure).

[–] FundMECFS@anarchist.nexus 6 points 1 month ago

I’m grateful the canary exists and covers a lot of underreported stuff that needs a “canary” to ring the alarm bell.

I do think they could do with sensationalising and exaggerating a little less in their titles though.

[–] Nasan@sopuli.xyz 3 points 1 month ago

They should call it WANACry when it gets used for extortion.

[–] throws_lemy@lemmy.nz 2 points 1 month ago

I remember some time ago this topic was discussed in a Telegram group about privacy. Some users began accusing OP of being anti-Semitic.

[–] IceFoxX@lemmy.world -1 points 1 month ago* (last edited 1 month ago) (1 children)

That's a joke, right? So you can be sure that more data is being spied on and that firmware itself is equipped with backdoors...
So the data mentioned in the article... if you're authorized to do so, you just need to buy it from the nearest data broker...

Spyware as a listed app... from isreal? Common we dont talk about noobs.

[–] unexposedhazard@discuss.tchncs.de 6 points 1 month ago (1 children)

This info actually dropped months ago but it didnt get much mainstream coverage i think.

[–] IceFoxX@lemmy.world 2 points 1 month ago* (last edited 1 month ago)

Cellebrite, NGO, Paragon. Then you only need to think about the pager story...
If Aura wasn't supposed to be discovered, it certainly wouldn't have been stored as an app. That's all I wanted to say.