Published in collaboration with CBC News, the report revealed that the NSA and its counterparts in the Five Eyes alliance, which include agencies from Canada, New Zealand, the United Kingdom, and Australia, planned to infect smartphones with spyware by hijacking the connection between the Google Play Store and your device. Codenamed IRRITANT HORN, the project would then allow the agencies to send “implants” to devices in order to collect data without users being aware of what was happening.
In order to achieve this, the agencies ran a series of workshops in 2011 and 2012 in Australia. As The Intercept puts it, smartphone traffic running through Internet cables was to be intercepted by using XKEYSCORE, an Internet spying system. After intercepting these cables, the agencies would then look at smartphone connections to app marketplace servers operated by Samsung and Google.
The agencies also discovered a vulnerability in UC Browser, a popular app browser used primarily in Asian countries like China and India. This vulnerability found the browser to be leaking identifying information on its users’ phones, information that allegedly helped these agencies uncover “covert activities” by a foreign military unit in Western countries.
Technology research group Citizen Lab, however, also discovered the vulnerability and alerted UC Browser, leading to the company issuing an update for the app that closed the hole.
The NSA has already caught flak for doing everything from tapping international leaders’ phones to the stealing of SIM card encryption keys, though this report now raises questions about whether other agencies around the world carry out equally questionable tactics in the name of security. Thankfully, Google Play is now designed to prevent “man-in-the-middle” attacks like this one, so you shouldn’t worry about such a plan being carried out.
