The United States National Security Agency (NSA) and its counterparts planned to hack Google Play and Samsung app stores as part of a project to spy on Android smartphones.
The Intercept and CBC News first reported about the surveillance project, which was launched by the Network Tradecraft Advancement Team, a joint electronic eavesdropping unit composed of spies from five countries dubbed as the “Five Eyes” alliance—Australia, Canada, New Zealand, the United Kingdom, and United States.
Based on the top-secret documents obtained from whistleblower Edward Snowden, the NSA and its counterparts were working on a series of strategies to implement their surveillance project during workshops in Australia and Canada between November 2011 and February 2012.
The spies were working on the surveillance project codenamed “Irritant Horn” were developing a method to hack and hijack users’ connection to app stores using a spyware. Their intention was to collect data without being noticed by users.
Previous documents disclosed by Snowden showed that the NSA and its counterparts designed a spyware for the iPhone and Android smartphones. Through the spyware, the agencies managed to hack the phones of their target users and obtained data such as emails, text messages, call records, photos, videos, and other files saved on their devices. Snowden revealed that the NSA was overwhelmed with data, and its strategy became ineffective.
NSA intended to launch “man-in-the-middle” attacks
The documents showed that the NSA and its allied intended to exploit the app store serves by launching a man-in-the-middle attack, a strategy used by hackers in which they put themselves between computers as they communicate with each other. The tactic would enable the agencies to insert a spyware and covertly change the content of data packets passing between the servers and targeted smartphones while users download or update an app.
The documents showed that the NSA and its counterparts’ surveillance project was designed to prevent another Arab Spring, which started in Tunisia in December 2010 and to other countries in the Middle East and North Africa.
Response from Five Eyes alliance
The Intercept and CBC News reached out to the agencies of the Five Eyes alliance involved in the surveillance projects for their comment. None of the agencies provided specific details about it.
The Signals Directorate of Australia explained that it has “long-standing practice” of not discussing intelligence matters.
A spokesperson for Canada’s Communications Security Establishment commented that the agency was “mandated collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism.”
The Government Communications Security Bureau of New Zealand emphasized that it has “foreign intelligence mandate” and all of its activities are “explicitly authorized and subject to independent oversight.”
United Kingdom’s Government Communications Headquarter said it was carrying out its work “in accordance with a strict legal and policy framework.” The agency assured that its activities were authorized, necessary, and proportionate.”
The NSA did not respond to the repeated requests for comments regarding the issue.
