Top-secret documents reveal that spy agencies from Australia, Canada, New Zealand, the United Kingdom and United States planned to implant spyware on mobile phones by intercepting data sent between app stores.
The document, shared by Edward Snowden, detailed plans for the NSA – along with its Five Eyes allies – to hijack the connection between the Google Play Store and the user's device, effectively infecting each and every app listing with spyware. The group ran a series of workshops in Australia back in 2011 and 2012 to develop ways of achieving said end goal. According to the document, as The Intercept reports:
"The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. "
Codenamed IRRITANT HORN, the implants would share data from infected smartphones with the agencies without the user being aware said information was being transferred. While smartphone hacking isn't new, previous disclosures by Snowden have revealed how agencies designed spyware for iPhones and Android-powered hardware, it's an insight into how they planned to go about infecting mobile devices.
The released document also touched on Samsung's app store too, as well as the UC Browser. We should note, however, that current security protocols employed by Google on the Play Store make infecting apps with spyware almost impossible. This means you should feel relatively safe when browsing around the catalogue of apps and downloading the Candy Crush Saga game to steal some minutes of your time.
Both Google and Samsung declined to comment on the news. Be sure to read through the full report on The Intercept.
Source: The Intercept