Profile picture
, 20 tweets, 9 min read
My Authors
Read all threads
Yesterday night, @campuscodi published an article about the COVID-19 detection app which has been removed from the PlayStore.

I saw the article this morning, so I decided to give it a look. Follow me for a walk 1/

zdnet.com/article/spying…
The Iranian gov made a website ac19.ir. On this website people can download an Android app "to test" if they are infected by the COVID-19 (coronavirus). 2/
*Reminder*: If you are sick, go to the doctor, download a f*cking app will not help you... 3/
The user can directly download the app on the website: dl.ac19.ir/ac19.apk 4/
When we extract the urls contained in the APK, we found 2 interesting domains:
- ac19.ir
- covid19.tfone.ir

5/
According to the WHOIS, covid19.tfone.ir has been registered by Mostafa Anoosheh. I wonder who is the Mostafa employer? 😏 6/
By doing a reverse WHOIS lookup, we can find that Mostafa registered 48 domains with his email address. 7/
In the list of the domains, we can find it14.ir his personal website. 8/
In his website, you can the document ManagementConfrenceNotes.txt with his work email. So his employer is a company called "Smart Land Solutions" 9/
Well, "Smart Land Solutions" was their name in 2016: web.archive.org/web/2016101119…. Now they are "Sarzamin Housmand" 10/
This company already made the news in the past. They created Hotgram and Talagram, two Telegram clones removed from the PlayStore accused of secretly collecting user data. 11/ tehrantimes.com/news/435641/Ho…
Some people claimed that these were developped on behalf of the Iranian intelligence agencies 12/
"Rahkar Sarzamin Houshmand has started its activity from 1384". This is a very old company 😅 13/
I feel sad Mostafa. I don't have access to his personal website anymore. He denied me access few minutes ago 14/
Looking the websites registered by Mostafa give us a good idea of the SLS business. iwin.ir is "the first cloud based call center accountability service" 15/
Another example, advest.ir is a advertisement related website 16/
If your governement is asking you to install an app on your phone, you shoudn't do it. There is a big probability that a shady company is behind it. 17/17
PS: Nice info regarding the tweet 13th of this thread
PS1: cc #OSINT friends @OsintSupport @nixintel @OsintCurious @BenDoBrown @dutch_osintguy @jakecreps
PS2: You can probably take over any user account in the app. There is no rate limiting in the otp code validation during the register process. So you can test all the possible code and boom. I didn’t test fully but it should work. But hey it’s a secret don’t tell anyone 🤫
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Elliot Alderson

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#OSINT

More from @fs0c131y see all

Profile picture
Elliot Alderson
@fs0c131y
“Not trying to like be sassy”: well...

You want your 2s of Twitter fame and I can understand but let me explain why I didn’t link your thread in my thread.

Yesterday, @brxxnh1 published a direct link to the Clearview APK and made a good thread on how he found it. 1/n
When you have 145K followers you have to think twice before sharing something to your followers. Is the ressource has been obtained legally? Is there any legal repercussions to share it? You have to answer to this kind of question 2/n
But the most important point is: share an apk like this with my followers is like launching a DDOS on their service. You can be sure that a lot of you will use the app and some of you will abuse their service. I don’t like Clearview but I don’t want them to be DDOS... 3/n
Read 5 tweets
Profile picture
Elliot Alderson
@fs0c131y
<Thread>
Me: I should work on <important project for a client>
Twitter: The Clearview AI Android app is available
Me: Change of plans

Let see what I can find 1/n
To be honest, I don’t expect something cool. Without credentials I will be probably stuck very quickly 2/n
As mentioned by @Gizmodo in their article, Clearview can be intsalled on the Vuzix smart glasses 3/n
Read 19 tweets
Profile picture
Elliot Alderson
@fs0c131y
This is not how Twitter works. If one of your tweet blow up, you will not have thousands of followers. Check the tweets with X00K+ RTs and you will see.

You want more followers? Provide something useful for your community during a long period of time.
Also, having a lot of followers is not a proof of quality. The best article I read, I learn from are made by brillant people with a low followers count. As a "big" account on this network, I'm doing my best to promote them, their content and encourage them.
Multiple times, I met people who were looking for "the Internet fame". As a person who made the news multiple times these last years, was on TV, on conferences, I can tell you: yes, sometimes this is very cool, you are doing insane stuff you never think of before BUT man...
Read 9 tweets

Related threads

Profile picture
LSMOH
@LSMOH
PRESS RELEASE

                       COVID-19: SUSPECTED CHINESE PATIENT TESTS NEGATIVE

The Chinese man who arrived Lagos yesterday aboard an Ethiopian Airline and suspected for COVID-19 has tested negative for the disease, Commissioner for Health, @ProfAkinAbayomi has said
@ProfAkinAbayomi who disclosed this today while giving an update on the management and control of COVID-19 outbreak in Lagos State said the patient who arrived yesterday aboard an Ethiopian Airline was taken into isolation after exhibiting symptoms of #COVIDー19.
According to him, samples were collected from the patient and the test which turned out negative was carried out the Lagos State Bio-security Level 3 laboratory located within the premises of the Mainland Hospital.
Read 11 tweets
Profile picture
Mάρτιος _
@Vitalintegrity
#COVIDー19 Graphics Thread #Coronovirusupdate 3/3
Read 13 tweets
Profile picture
Jewhadi™
@JewhadiTM
For being a “professor,” you are INCREDIBLY stupid.

Why would @realDonaldTrump want his voter base to get sick and die if he’s concerned about his re-election chances?

That’s just 1 example of the dipshittery contained in your brief tweet

#COVIDー19
#LetThemGetSickAndDie
It wasn’t removed, but was tagged. Apparently, some brain dead nincompoop at Twitter thinks its “in the public’s interest for the Tweet to remain available.”
Read 3 tweets
Profile picture
Baba97
@Baba9773
1) News Roundup! Fake News Fires One Of Their Own, U.S. Black Friday Online Consumer Spending Hits $5.4 Billion (+22%) While Online Thanksgiving Day Shopping Sets A New Record, PDJT Is Using Reverse Psychology With Crazy Nancy When It Comes to the USMCA, Peter Navarro Interview,
2) Scott Is Absolutely Right, Angela Merkel Wants To Take Away Freedom Of Speech, France Is Gone, The Catholic Church Should Be Ashamed, Energy Dominance, PA Rally Update.....

You know it had to be really bad for Fake News to fire one of their own for pushing BS about our
3) President. I guess the embarrassment was to much for them to deal with.

Read 32 tweets
Profile picture
Paul Schmehl
@PaulSchmehl
Yesterday, this attorney published an article in Slate. I tried to correct his errors, but he ignored me. This is the article: slate.com/news-and-polit… What he’s arguing is that Trump has obstructed justice, because he lied about the Trump Tower meeting.
Since that’s such a profoundly ignorant statement, I feel compelled to correct the record. I seriously doubt it will matter to him, but it matters to me and to many of my followers. Here are the facts, taken straight from the sworn testimony of the participants.
First, some background. Robert Goldstone is an entertainment agent. His client is Emin Agalarov, a Russian entertainer with dreams of performing in the US. Goldstone is a Brit who has become a US citizen. Agalarov is a Russian citizen.
Read 52 tweets
Profile picture
JD
@TaterSaladJD
1/ Today started as an average Sunday. I was blissfully unaware of the world, dreaming one of my usual decadent dreams. This was the one in the massage parlor viewing the happenings from above and feeling every sensation, amplified as if everything were new.
2/ As always my masseuse was a petite lady with black hair, held back with chopsticks. She's hovered over me as she worked, her fingers pressing in, breaking the tension forcing it from my back and spine.
3/ Unsurprisingly metal conduits extended from her fingers and found their way deep into my flesh pinpointing the more difficult to reach spots. She worked her way up and down my spine, never revealing her face, and never leaving a mark -- despite her penetrating technique.
Read 24 tweets

Trending hashtags

#coronavirusitalla #QuestionMore #COVIDー19 #COVID #2019nCoV #Covid #covid4MDs #COVID19 #irancoronavirus #codiv19 #thepinch #irancorona #coronavirus #IMPORTANT #Covid_19 #EPRCore #Radres #COVID2019 #GDPR #federatedworking #COVD19 #coronvirus #LetThemGetSickAndDie #S1 #Coronavirus

Embed code for your website

×
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!