In a report, RaazNet said its technical analysis of the “National Keyboard” app, developed by the Taliban-controlled National Radio and Television, showed the software could pose serious risks to security, privacy and digital surveillance.
After examining the Android version of the app, the RaazNet team said it could not definitively classify the programme as spyware. However, it warned that “the combination of identified behaviours and technical decisions creates a high-risk environment for abuse, surveillance or unintended exposure of sensitive user data”.
It stressed that until comprehensive and transparent reforms are introduced, it does not recommend the application for journalists, civil society activists, women, Taliban opponents or other vulnerable users.
RaazNet said one of the most significant findings was the presence of a hardcoded artificial intelligence API key embedded directly in the app’s code.
According to the report, the application uses the key to connect to AI infrastructure and provide translation features within the keyboard.
The report said the app converts users’ typed text into prompts and sends them to external AI systems. RaazNet noted that even in ordinary translation software, such behaviour would require transparency and informed user consent.
It warned that the issue is especially sensitive in a keyboard application because users may type personal messages, passwords, financial information or confidential communications.
RaazNet said another major concern was the insecure logging of sensitive data in Android system logs.
According to the organisation, the app records information including the API key, AI responses, translated text and technical error details.
RaazNet stressed that based on current evidence it could not definitively label the “National Keyboard” as spyware. However, it said the processing of user text, transmission of data to external services and identified security weaknesses made the app high risk from a privacy and cybersecurity perspective.
Taliban-Iran Cooperation on Software Development
Last month, informed sources told Afghanistan International that the Taliban and the Islamic Republic had collaborated on developing a mobile application capable of monitoring users in Afghanistan. The software reportedly exposes smartphones and internet-connected devices to Taliban surveillance systems.
Sources speaking anonymously said the application included monitoring capabilities that could expose users’ smartphones and other connected devices to Taliban intelligence tracking systems.
Cybersecurity experts in London also warned that suspicious applications can collect sensitive data such as location, contacts, messages, browsing history and device access permissions.
They noted that in countries with severe restrictions on digital privacy, such tools can be used for surveillance and intelligence gathering.
At the same time, Hedayatullah Hedayat, head of the Taliban-controlled Bakhtar News Agency, announced that the “National Keyboard” software had been developed by the Taliban-run National Radio and Television.
RaazNet also warned about what it described as the “export of Iran’s repression and digital surveillance technologies” through cooperation between the Taliban and the Islamic Republic in software development.
