Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

NSA Planned Hack of Google App Store

The US National Security Agency developed plans to hack into data links to app stores operated by Google and Samsung to plant spyware on smartphones, a media report said Thursday.

The online news site The Intercept said US intelligence developed the plan with allies in Britain, Canada, New Zealand and Australia, a group known as the “Five Eyes” alliance.

The US National Security Agency developed plans to hack into data links to app stores operated by Google and Samsung to plant spyware on smartphones, a media report said Thursday.

The online news site The Intercept said US intelligence developed the plan with allies in Britain, Canada, New Zealand and Australia, a group known as the “Five Eyes” alliance.

The report, based on a document leaked by former NSA contractor Edward Snowden, said the plan aimed to step up surveillance efforts on smartphones.

The plan appeared to have been discussed at meetings involving the intelligence services in 2011 and 2012, according to the classified document. The project called “Irritant Horn” would allow the agencies to hijack data connections to app stores and surreptitiously implant malicious software on smartphones that would allow for data to be harvested.

The intelligence agencies could also use the spyware to send misinformation to targets to confuse potential adversaries, according to the report.

The Intercept said the plan was motivated in part by concerns about the possibility of “another Arab Spring,” or the spread of popular movements.

The agencies were particularly interested in the Africa region, especially Senegal, Sudan and the Congo but also targeted app store servers in France, Cuba, Morocco, Switzerland, Bahamas, the Netherlands and Russia.

At the time, the Google app store was called Android Market. It is now known as Google Play.

Advertisement. Scroll to continue reading.

In developing the plan the agencies found weaknesses in UC Browser, an app owned by Alibaba Group which is popular in China and India to browse the Internet and is used by some 500 million people worldwide.

The document was also published in Canada by CBC News, which said the aim of the plan was to collect data on suspected terrorists and other intelligence targets, including their online search queries, SIM card numbers, device IDs and the location of the smartphone.

In one case, according to the CBC, analysts found a foreign military using the UC Browser app to communicate covertly about its operations in Western countries.

There was no immediate comment on the report following AFP queries to the NSA or Google. Samsung declined comment.

The report is the latest based on leaked documents from Snowden describing vast programs by NSA and other services to scoop up data in the search for terrorists.

The leaks starting in 2013 shocked many Americans and US allies and have led to calls for reform of laws governing US data collection.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move

Expert Insights

Related Content

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.