UPDATE: Ghost Security Group has changed their statements about this research. Here is the followup report.
ISIS has a new Android app for exchanging secure messages, joining another app that distributes propaganda and recruiting material, according to a counterterrorism network called the Ghost Security Group.
Last month, Ghost Security and others, observed ISIS members using private messages on the Telegram app and direct messages on Twitter to send followers to a site (since vanished) to download the Amaq Agency app.
“The application’s primary purpose is for propaganda distribution. Using the app you are able to follow the most recent news and video clips.” Ghost Security representatives told Defense One. The Amaq Agency has known ties to Islamic State and issued statements in support of the attackers in the recent California shootings before all the details were publicly available. .
Shortly after, Ghost Security discovered a separate app called Alrawi.apk, or just “the Alrawi app,” Initially, they believed it to resemble the Amaq Agency app. But on Jan. 11, they discovered “encrypted communications features although rudimentary to Telegram or other more-company created ones,” a Ghost Security representative told Defense One in an email.
The app would join ISIS’ other known methods of communication to individuals and groups. Among their favorite is Telegram, the a messaging app created by Pavel Durov, a Russian entrepreneur residing in Germany. Telegram allows encrypted communication to individuals, similar to Facebook’s WhatsApp; as well as a public broadcasting capability.
Immediately after the Paris attacks in November, credited to ISIS-affiliated gunmen, Telegram suspended 78 public ISIS-related channels in 12 languages. But Durov has made no promises that private chats could be shut down.
Our policy is simple: privacy is paramount. Public channels, however, have nothing to do with privacy. ISIS public channels will be blocked.— Pavel Durov (@durov) November 19, 2015
Here’s what today’s announcement from Ghost Security means if it’s true: even if FBI Director James Comey and others get their wish and providers of end-to-end encrypted communication are forced to put in back doors into their services or face banning, then ISIS would still have the ability to communicate securely, just not as securely as if they were using a service like Telegram or WhatsApp … at least not yet.