
NSA planned to use the Play Store to implant spyware on target smartphones

When it can’t legally force its way onto private systems, the NSA does its best to sneak in – case in point, a pilot program called Irritant Horn, which saw the NSA and its allies attempt to hijack the connection between a target smartphone and the Play Store (then called Android Market).
May 21, 2015

It’s no (longer a) secret that the NSA has planted its feelers deep into the very foundation of the Internet. Allegedly, the US spy agency has even obtained access to Google’s data centers, though it’s not clear whether this happened with Google’s cooperation.



The information about Irritant Horn comes from documents provided by Edward Snowden to The Intercept and CBC. The program, which appears to have been in its early stages in 2011-2012, had NSA analysts use a type of man-in-the-middle attack to implant spyware on Android devices connecting to the Android Market or Samsung’s app store. Basically, besides the requested app, the targets were served malicious software that allowed spooks to eavesdrop on everything that happened on the device. The NSA even explored using the capability to modify the target device, for propaganda or disinformation purposes.

It’s not clear what became of this program, though it’s very likely that the NSA is still actively working on finding and exploiting this or similar vulnerabilities.

The Intercept/CBC report also mentions a seemingly unrelated exploit discovered by NSA in UC Browser, an Android browser with more than 100 million downloads. UC Browser, according to the NSA document, “leaked” information about user activities and sent it back to servers in China (UC Browser is owned by Chinese tech giant Alibaba). According to analysis by Citizen Lab, a Canadian research group, UC Browser leaked “users’ search queries, SIM card numbers and unique device IDs;” Citizen Lab alerted Alibaba about the vulnerability, which has reportedly been fixed in an update to UC Browser from earlier this month. Alibaba claims that the leak was not intentional, though the edited NSA document leaves room for interpretation.

This is the latest in a series of controversial reports that question the NSA’s active exploitation of weaknesses in the computer systems of American companies. Some argue that the NSA should privately disclose vulnerabilities in order to protect the interests of US citizens, while others think the end justifies the means.

For more details, check out The Intercept.