Skip to main content

NSA wanted to hijack Google Play Store to send spyware

The National Security Agency (NSA) and its allies planned to use Google's Play Store and the Samsung App Store to launch man-in-the-middle attacks and infect smartphones with malware, The Intercept says (opens in new tab).

In a recently unveiled top-secret document, leaked by the former NSA contractor Edward Snowden, it was shown how agents from the 'Five Eyes' alliance (United Kingdom, United States, Australia, Canada, New Zealand) realised, during workshops held in Australia and Canada between November 2011 and February 2012, how much traffic Google Play Store and Samsung App Store generated.

The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables.

As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices, The Intercept writes. The implants could then be used to collect data from the phones without their users noticing.

This technique is called the man-in-the-middle attack. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other, and it would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.

So basically you thought you installed that new running app, when instead you have spyware on your phone.

The agencies also wanted to send “selective misinformation to the targets’ handsets”, also known as propaganda.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.