US government demands data on thousands of gun scope app users

Over 10,000 users may be caught in the crossfire of ICE’s request.

A scanner app with 100 million downloads starts to deliver malware An Android Google play app, available since 2010, has recently started installing malware.

Federal investigators have demanded information belonging to at least 10,000 users of a gun scoping app from Apple and Google. 

As reported by Forbes, the unprecedented data demand revolves around a single mobile application, Obsidian 4, which has been downloaded thousands of times on Android. 

It is not known how many iOS users may be involved. 

The app is marketed as accompanying software for the ATN X-Sight 4K and ThOR 4m products, both of which are rifle scopes. Obsidian 4 connects handsets to ATN devices through Wi-Fi to allow users to watch live streams, change gun settings, and take both audio and video footage. 

See also: 700,000 Choice Hotels records leaked in data breach, ransom demanded

According to the publication, a court order filed with the US Department of Justice (DoJ) has revealed the data demand as part of an investigation by the US Immigration and Customs Enforcement (ICE) into potentially illegal exports of ATN scopes and equipment.

It is important to note, however, that the maker of the app -- ATN -- is not under investigation.  

Forbes says that ICE has "continually intercepted" illegal shipments of scopes that are under the International Traffic in Arms Regulation (ITAR), legislation designed to control the export of information and goods with military applications. 

"Information requested herein will assist the government in identifying networks engaged in the unlawful export of this rifle scope through identifying end-users located in countries to which export of this item is restricted," the court order read, as seen by the publication. 

If the order is signed off by the court, the names of those who have downloaded the app since August 1, 2017, will be demanded, alongside their telephone numbers, IP addresses, and activity logs. 

CNET: US levies sanctions against North Korean hacking groups

Should Apple and Google hand over user data related to the app without challenge, this may assist federal agents in uncovering cases when the equipment connected to the software is involved in illicit export schemes. 

However, it may also involve the handover of information belonging to thousands of innocent and legitimate users. The data could also end up being used in investigations that do not relate to ITAR exports. 

In July, ICE, alongside the FBI, were criticized for plundering DMV databases in the quest for facial recognition scan information without the knowledge or permission of drivers. 

Apple, Google, and ATN have not responded to requests for comment at the time of publication. 

TechRepublic: Cybercriminals shop for admin access to healthcare portals

According to Google's latest Transparency Report, between July and December 2018, the tech giant received over 135,000 government requests relating to users and accounts, as well as over 63,000 direct requests for user data. 

In roughly the same timeframe (.PDF), Apple received approximately 29,000 device-related requests from government entities and 4,875 account-related information requests. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0