"Sham Cash".. "Hayat Tahrir al-Sham" Imposes Financial System for Salaries and Tech Expert Reveals Vulnerabilities
The application's suspicious permissions, such as access to camera and biometric data, reflect risks to user privacy and information security
January 4, 2025, 10:33 pm

العاصمة السورية دمشق \ تعبرية \ متداول

The interim government affiliated with Hayat Tahrir al-Sham in Syria has imposed the "Sham Cash" application on employees for receiving their salaries, amid warnings of security and technical risks that may threaten users' privacy and personal data.

The appointee managing Syria's Central Bank under the interim government formed by Abu Mohammed al-Jolani issued circular No. 15/856/S dated 30/12/2024, requiring all financial and banking institutions operating in Syria to create accounts on the application through the official website shamcash.com, with a two-day deadline to implement the decision.

Information expert Dilshad Othman revealed in a detailed technical analysis on his Facebook page that the application requests concerning permissions, including access to phone camera, users' biometric data, and background operation. It can also detect active applications on the phone, raising concerns about potential surveillance use.

The technical expert explained that the application file is 43.91 MB with a specific digital signature and uses Flutter technology in the user interface, noting that the application prevents the phone from entering sleep mode, meaning it continues working in the background even when not in use.

Othman pointed out that the application is connected to servers in Turkey's Hatay province through a specific IP address and uses Google's Firebase service to communicate with the company's server, warning of a security vulnerability in port 1433 for Microsoft SQL Server.

The mystery surrounding the application's ownership and management raised numerous questions, as the domain was registered in July 2023 with hidden registrant identity, and the website contains no information about the owning company or its address, limiting communication to Telegram platform and European phone numbers.

The application requires several permissions from users including: system notifications, camera use, fingerprints and biometrics, internet connection, network status access, and prevention of sleep mode.

The technical expert advised users not to install the application if they don't trust the Salvation Government's financial institutions, emphasizing that the main problem isn't technical but relates to attempts to impose certain institutions on citizens.

These developments come about a month after the "Military Operations Administration" led by Abu Mohammed al-Jolani took control of Damascus on December 8, 2024, and the flee of former Syrian regime head Bashar al-Assad, at a time when voices calling for implementing a federal system that ensures financial transparency and protects citizens' privacy and digital rights are rising.

Levant-Follow up

Western Libya.. Security Campaign Targets Drug Dealers in Al-Zawiya Demanding Guarantees for Minorities.. Baerbock: We Will Judge Al-Jolani Through His Actions

BENEFIT, the Kingdom’s innovator and leading company in Fintech and electronic financial transactions service, held its Annual General Meeting (AGM) at the company’s headquarters in the Seef District.
During the meeting, shareholders approved all items listed on the agenda, including the ratification of the minutes of the previous AGM held on 26 March 2024. The session reviewed and approved the Board’s Annual Report on the company’s activities and financial performance for the fiscal year ended 31 December 2024, and the shareholders expressed their satisfaction with the company’s operational and financial results during the reporting period.
The meeting also reviewed the Independent External Auditor’s Report on the company’s consolidated financial statements for the year ended 31 December 2024. Subsequently, the shareholders approved the audited financial statements for the fiscal year. Based on the Board’s recommendation, the shareholders approved the distribution of a cash dividend equivalent to 10% of the paid-up share capital.
Furthermore, the shareholders endorsed the allocation of a total amount of BD 172,500 as remuneration to the members of the Board for the year ended 31 December 2024, subject to prior clearance by related authorities.
The extension of the current composition of the Board was approved, which includes ten members and one CBB observer, for a further six-month term, expiring in September 2025, pending no objection from the CBB.
The meeting reviewed and approved the Corporate Governance Report for 2024, which affirmed the company’s full compliance with the corporate governance directives issued by the CBB and other applicable regulatory frameworks. The AGM absolved the Board Members of liability for any of their actions during the year ending on 31st December 2024, in accordance with the Commercial Companies Law.
In alignment with regulatory requirements, the session approved the reappointment of Ernst & Young (EY) as the company’s External Auditors for the fiscal year 2025, covering both the parent company and its subsidiaries—Sinnad and Bahrain FinTech Bay. The Board was authorised to determine the external auditors’ professional fees, subject to approval from the CBB, and the meeting concluded with a discussion of any additional issues as per Article (207) of the Commercial Companies Law.
Speaking on the company’s performance, Mr. Mohamed Al Bastaki, Chairman BENEFIT , stated: “In terms of the financial results for 2024, I am pleased to say that the year gone by has also been proved to be a success in delivering tangible results. Growth rate for 2024 was 19 per cent. Revenue for the year was BD 17 M (US$ 45.3 Million) and net profit was 2 Million ($ 5.3 Million).

Mr. Al Bastaki also announced that the Board had formally adopted a new three-year strategic roadmap to commence in 2025. The strategy encompasses a phased international expansion, optimisation of internal operations, enhanced revenue diversification, long-term sustainability initiatives, and the advancement of innovation and digital transformation initiatives across all service lines.
“I extend my sincere appreciation to the CBB for its continued support of BENEFIT and its pivotal role in fostering a stable and progressive regulatory environment for the Kingdom’s banking and financial sector—an environment that has significantly reinforced Bahrain’s standing as a leading financial hub in the region,” said Mr. Al Bastaki. “I would also like to thank our partner banks and valued customers for their trust, and our shareholders for their ongoing encouragement. The achievements of 2024 set a strong precedent, and I am confident they will serve as a foundation for yet another successful and impactful year ahead.”
Chief Executive of BENEFIT; Mr. Abdulwahed AlJanahi commented, “The year 2024 represented another pivotal chapter in BENEFIT ’s evolution. We achieved substantial progress in advancing our digital strategy across multiple sectors, while reinforcing our long-term commitment to the development of Bahrain’s financial services and payments landscape. Throughout the year, we remained firmly aligned with our objective of delivering measurable value to our shareholders, strategic partners, and customers. At the same time, we continued to play an active role in enabling Bahrain’s digital economy by introducing innovative solutions and service enhancements that directly address market needs and future opportunities.”
Mr. AlJanahi affirmed that BENEFIT has successfully developed a robust and well-integrated payment network that connects individuals and businesses across Bahrain, accelerating the adoption of emerging technologies in the banking and financial services sector and reinforcing Bahrain’s position as a growing fintech hub, and added, “Our achievements of the past year reflect a long-term vision to establish a resilient electronic payment infrastructure that supports the Kingdom’s digital economy. Key developments in 2024 included the implementation of central authentication for open banking via BENEFIT Pay”
Mr. AlJanahi concluded by thanking the Board for its strategic direction, the company’s staff for their continued dedication, and the Central Bank of Bahrain, member banks, and shareholders for their valuable partnership and confidence in the company’s long-term vision.