Samsung Under Fire: Is AppCloud Actually an Israeli Spyware

Samsung finds itself facing a growing controversy over “AppCloud,” an application pre-installed on some of its more affordable smartphones. While the app has long been considered mere “bloatware,” recent allegations spreading across social media claim it is “Israeli spyware,” igniting serious privacy concerns, particularly in regions like the Middle East, Africa, and India.

The AppCloud application, found primarily on Galaxy A, M, and F series devices, presents users with third-party app recommendations during setup or updates. It has long been criticized by users as intrusive and difficult to remove, earning it the bloatware label—software manufacturers install to generate additional revenue, allowing them to maintain thin margins while competing with Chinese brands.

However, the controversy escalated when the app’s developer came into focus: ironSource, a company founded in Israel, which is now owned by Unity.

Escalation on Social Media

 

A new wave of accusations was triggered by a recent post on X (formerly Twitter) from the account “International Cyber Digest,” which garnered over 7.4 million impressions. The post explicitly labels AppCloud as “unremovable Israeli Spyware Found on Samsung Devices.”

The post also references an open letter published earlier this year by SMEX, a digital rights organization based in Lebanon.

In its analysis, SMEX alleges that ironSource uses AppCloud for mass data harvesting. The organization claims the app’s presence on Samsung phones poses “serious legal and ethical implications” in West Asia and North Africa (WANA) countries, where Israeli companies are often barred from doing business.

The Developer’s Troubled History

 

What further amplifies concern is that AppCloud, given its system-level permissions, cannot be easily uninstalled through standard methods. Removal is possible via ADB commands, but this process is unknown and technically prohibitive for the average user.

Suspicions are also fueled by ironSource’s past. Their earlier service “installCore,” designed for developers to monetize through bundled installers on Windows and macOS, was notorious for installing additional applications without explicit user knowledge or consent. Due to this behavior, many anti-malware clients classified “installCore” as a “Potentially Unwanted Program (PUP).”

While allegations that AppCloud is actively used for espionage have yet to be independently confirmed, the mere fact that the service is pre-installed, difficult to remove, and stems from a developer with a problematic history is causing justifiable unease among users.

It is expected that Samsung, facing this pressure, will offer users at least the option to permanently disable or uninstall the application. We have reached out to Samsung for comment and will update this article upon receiving a response.