Tuesday, 23 July 2019 10:44

Researchers connect FaceApp with the Kremlin


Researchers at a relatively unknown security research group, Red Wolf Intelligence, have uncovered what they claim are definitive connections between facial-altering app FaceApp and the Russian Government.

FaceApp, developed by Russian software company Wireless Lab, enables users to realistically alter facial features of photos so that they can have different expressions and look older or younger. The app has recently raised alarm bells due to privacy concerns.

Red Wolf Intelligence is a very new group of researchers (so new that they don't currently have a web site!) keen to gain a prominent position in the IT security research community.

According to Logan Hicks, co-founder of Red Wolf Intelligence (Twitter: @redwolfintel), "We can at this point confirm with certainty that FaceApp is using the system to create Dossiers on users by integrating the data, and cross correlating it against WhatsApp, Google, Twitter, and other social media systems to collectively aggregate as much publicly available data on a user as possible."

Hicks continues, "The original data, in combination with other available public data, in correlation with modern day imagery analysis software could be easily used to create complex profiles of each individual user.

"The system as a whole is impressively complex, with a wide array of systems and platforms, at massive scale in consideration to relative age, and with a wide array of impressive security implementations.

"That being said, we can confirm the presence of a Japanese linked APT already observed on system."

Hicks has also confirmed that FaceApp Pro is definitely malware. "Don't download it under any circumstances." The team is quite sure that FaceApp Pro is not an authorised app from the same team that developed FaceApp. It is assumed that it was created by some malicious third-party developer.

Further investigation has confirmed that FaceApp uses servers with both "logical and geographical proximity to the Kremlin."

The images below show "a name server linked directly to the Kremlin and FaceApp, as well as geographic proximity to the Kremlin itself, which is also known to utilise Geo-Distorting technology to offset for defence purposes for several critical locations within the Russian Federation, to include the Kremlin."

[Image: FaceApp whois]

The geolocation shown places the server in the middle of the Moskva River, less than two kilometres from the Kremlin.

[Image: FaceApp geolocate]

iTWire spoke to Hicks earlier today, when he requested that we refrain from publishing certain aspects of the team's investigation, pending the completion of a formal research paper. Further information will be provided in a follow-up.




David Heath

David Heath has had a long and varied career in the IT industry, having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical Manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.


