Friday, 22 May 2015

NSA planned hack of Google app store to plant spyware on phones

The US National Security Agency (NSA) developed plans to hack into data links to app stores operated by Google and Samsung to plant spyware on smartphones, a media report said Thursday.

1 comment:

Guanyu said...

NSA planned hack of Google app store to plant spyware on phones

WASHINGTON (AFP) - The US National Security Agency (NSA) developed plans to hack into data links to app stores operated by Google and Samsung to plant spyware on smartphones, a media report said Thursday.

The online news site The Intercept said US intelligence developed the plan with allies in Britain, Canada, New Zealand and Australia, a group known as the “Five Eyes” alliance.

The report, based on a document leaked by former NSA contractor Edward Snowden, said the plan aimed to step up surveillance efforts on smartphones.

The plan appeared to have been discussed at meetings involving the intelligence services in 2011 and 2012, according to the classified document.

The project called “Irritant Horn” would allow the agencies to hijack data connections to app stores and surreptitiously implant malicious software on smartphones that would allow for data to be harvested.

The intelligence agencies could also use the spyware to send misinformation to targets to confuse potential adversaries, according to the report.

The Intercept said the plan was motivated in part by concerns about the possibility of “another Arab Spring,” or the spread of popular movements.

The agencies were particularly interested in the Africa region, especially Senegal, Sudan and the Congo but also targeted app store servers in France, Cuba, Morocco, Switzerland, Bahamas, the Netherlands and Russia.

At the time, the Google app store was called Android Market. It is now known as Google Play.

In developing the plan, the agencies found weaknesses in UC Browser, an app owned by Alibaba Group which is popular in China and India to browse the Internet and is used by some 500 million people worldwide.

The document was also published in Canada by CBC News, which said the aim of the plan was to collect data on suspected terrorists and other intelligence targets, including their online search queries, SIM card numbers, device IDs and the location of the smartphone.

In one case, according to the CBC, analysts found a foreign military using the UC Browser app to communicate covertly about its operations in Western countries.

There was no immediate comment on the report following AFP queries to the NSA.

Google and Samsung both declined comment.

Earlier this year, a Google security report said fewer than one percent of Android devices had a potentially harmful app installed, with the number even lower for those using official Google channels.

The report is the latest based on leaked documents from Snowden describing vast programs by NSA and other services to scoop up data in the search for terrorists.

The leaks starting in 2013 shocked many Americans and US allies and have led to calls for reform of laws governing US data collection.