NSA planned Google Play hack to target Android smartphones
Global intelligence agencies, including the US National Security Agency, planned to hijack millions of Android smartphones with spyware.
The project, first published Wednesday by CBC News and The Intercept, sought to exploit the smartphone operating system for surveillance. Dubbed "Irritant Horn" by the NSA, the agency planned to hack and hijack the connections to app stores and direct users to spyware. That spyware would collect data and send it back to the NSA without the user noticing.
The newly-released document shows how the NSA and its partner agencies in the UK, Canada, Australia, and New Zealand, wanted to launch man-in-the-middle attacks, a process of tapping into the connection between a user and a server, to install the spyware implant.
The project was in response to concerns sparked by the Arab Spring in late 2010, in which a number of countries' governments were overthrown. The NSA and its partner agencies did not want it spreading.
Irritant Horn followed in the footsteps of an earlier, successful effort targeting UC Browser, a widely popular app in China and India, in late 2011. After finding a weakness in the app, the NSA continued to search for ways into the app store and other Android phones, instead of disclosing the flaw to Alibaba, the app's developer.
It's not the first time smartphones have been the target of an intelligence agency's surveillance.
GCHQ, the British electronic eavesdropping agency, developed tools to target iPhones and Android devices. These tools, named after the children's television cartoon characters "The Smurfs," allowed the agency to determine a device's location with extreme accuracy, turn on devices when they were turned off, and to secretly activate a phone's microphone without the owner knowing.
We reached out to the NSA for comment, but did not immediately hear back. (The NSA did not respond to repeated requests for comment from The Intercept.)
See Gallery: 14 privacy tools you should use to stay secure