Five Eyes spies sought to subvert Google, Samsung app stores

By

Attempted to plant malware, spread misinformation.

Western spy agencies attempted to redirect user connections to smartphone app stores to plant malware and tamper with data traffic, according to new documents leaked by former United States National Security Agency (NSA) contractor Edward Snowden.

Five Eyes spies sought to subvert Google, Samsung app stores

First reported jointly by CBC News and The Intercept, the documents detail a pilot project, code-named Operation IRRITANT HORN, discussed in workshops in Australia and Canada between 2011 and 2012.

IRRITANT HORN is a joint operation between the NSA, the Australian Signals Directorate, the Government Communications Security Bureau (New Zealand), GCHQ in UK and Canada's Communications Security Establishment (CSE).

It aimed to create a man-in-the-middle (MITM) attack that would allow the Five Eyes spy agencies to implant malware on Android devices as they tried to connect to official app stores and update servers.

Furthermore, the agencies sought to plant misinformation to target handsets, and to exploit the app stores to profile these extensively for information gathering.

The spies targeted the UCWeb browser in particular, which a British Government Communications Headquarters (GCHQ) analyst had discovered leaked plenty of information about mobile devices, during a Signals Directorate workshop.

Device information leaked by UCWeb included data such as the international mobile subscriber identity and international mobile station equipment identity (IMSI and IMEI) identifiers. UCWeb would also reveal information about the devices themselves.

Analysts developed plugins for the XKEYSCORE search engine front end that would single out worldwide internet traffic patterns obtained from intercepts related to Samsung and Google update and app servers, as well as for UCWeb.

XKEYSCORE fingerprints to identify mobile carriers, Samsung and Google app stores have been deployed among the Five Eyes spy agencies, the documents say.

None of the signals intelligence agencies would provide comment to The Intercept on the matter, nor would Google and Samsung.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
asdedward snowdengoogle playmitmnsasamsungsecuritysurveillance

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?