March 25, 2020
The Digital Threat Lab launched by the CyberHUB-AM initiative is investigating the AC19.app presented to the public by Armenia’s Deputy Prime Minister Tigran Avinyan on March 24th. According to Avinyan, the app will allow a user to fill in a questionnaire “and receive a pretty accurate information about one’s health.”
Suren Krmoyan, Adviser to Deputy Prime Minister, has said that the source code for the app was provided to the Armenian side by the Islamic Republic of Iran. It was translated and modified by Armenian specialists.
According to our preliminary assessment, the app establishes connections and exchanges information with its Armenian server and the Google Firebase mobile platform. It identifies the users by their phone numbers, as well as asks for access to geolocation data. Considering the challenges posed by COVID-19 pandemic and the state of emergency in Armenia, we don’t exclude the possibility that this information may be needed and useful, however we stress the importance for the authorities to exercise maximum transparency and use this information solely for stopping the pandemic and providing assistance to the people.
We would also like to point to the fact that the app is at the moment not available on Google Play or App Store, so it can only be installed via a direct download. This and the fact that the ESET-NODE32 antivirus engine detects the app as iranian malware, has prompted us to investigate the app. We will publish our findings about the investigation when they are available.