This article is more than 1 year old

Snowden latest: NSA planned sneak attacks on Android app stores

Agencies also hid major flaws in UC Browser

The latest package of documents from whistleblower Edward Snowden details how the intelligence services planned to host man-in-the-middle attacks to install tracking and control software onto Android smartphones.

According to a presentation released from the Snowden archive to The Intercept the so-called "5 Eyes" nation's intelligence agencies – from the US, UK, Canada, Australia, and New Zealand – spent 2011 and 2012 working out ways to subvert connections to popular app stores, such as those run by Google and Samsung, in a project dubbed IRRITANT HORN.

That the intelligence services are working on software that can subvert iOS, Android and other smartphone operating systems isn't new. But the presentation details how operatives could intercept communications between app servers and customers to install code that could harvest personal information and even display disinformation on handsets.

The spur for this effort was the Arab Spring uprisings in the Middle East and Africa. The intelligence agencies reasoned that in such a situation then it needed to be able to put out software that could influence actions on the ground.

To do so the intelligence team targeted app servers in Africa, France and other companies' app download servers in Cuba, Morocco, Switzerland, Bahamas, the Netherlands and Russia. It appears code wasn't inserted on the servers themselves.

To aid this program the document details how the intelligence services hacking team found numerous security holes in the UC browser, which has half a billion users, predominantly in Asia and the Indian subcontinent.

These security flaws were actively used by the intelligence agencies to harvest personal information and install software for testing and tracking purposes, and the developer of the code, UCWeb, was never informed.

Canadian non-profit Citizen Lab has now compiled a full report into vulnerabilities and they have now been fixed. Citizen Lab Director Ron Deibert said that while the intelligence community's actions "may make sense from a very narrow national security mindset but it's at the expense of the privacy and security of hundreds of millions of users worldwide." ®

More about


Send us news

Other stories you might like