The app, called lrawi.apk, employs what is described as rudimentary encryption and was available for download last month on a Web site where Islamic State supporters could download it and another app for distributing propaganda, according to a story posted by Defense One.
The creation of such an encryption app has been considered a likely outcome of laws being proposed internationally requiring backdoors that would allow service providers to fulfill court orders to decrypt private communications of their customers.
Knowing that such commercial services are no longer secure would drive terrorists and other criminals to rely instead on existing end-to-end encryption that doesn’t have backdoors or to develop backdoor-free encryption of their own that doesn’t comply with the laws.
One argument against such laws is that if they were enacted criminals would still be able to communicate securely - so it wouldn’t achieve its goal - and it would undermine the security of encryption widely used for legitimate purposes that are critical to economies around the world. It would also undermine mechanisms used by journalists trying to protect sources and activists trying to avoid political reprisals, the argument goes.
Irawi.apk was discovered by the anti-Islamic State group Ghost Security, which monitors extremist Web sites, takes down extremist social media accounts and calls in law enforcement when it finds terrorism-related activities.
The site that hosted the app has since been taken down. The propaganda-distribution app it also hosted was posted by the Amaq Agency, which is believed to be tied to ISIS.
The encrypted communications features are rudimentary when compared to commercially available encryption, Ghost Security told Defense One. Islamic State uses the encrypted private messaging service Telegram, which has stronger encryption that that in the Irawi.apk app, according to Ghost Security.