According to a top-secret document published by The Intercept and CBC, spying agencies in Canada, the United States, the United Kingdom, New Zealand and Australia were working together to develop a way to intercept data transmissions between Android smartphones and their respective app stores, all in an effort to implant spyware on countless smartphones across the world.
The initiative, codenamed Irritant Horn, saw the five countries, all part of a multi-national intelligence sharing agreement called the Five Eyes Alliance, use a system called XKeyScore to track smartphone data connections to app marketplace servers owned by Google and Samsung in countries like France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia.
According to the document, which was obtained by Edward Snowden, agents from each of the agencies in the Five Eyes Alliance met in Canada and Australia between November 2011 and February 2012 to develop a hack that would allow them to hijack a smartphone connection to an app store.
Previous documents obtained by Snowden showed that the National Security Agency and its allies had already developed spyware to implant on people’s phones, but it was not clear how the agency intended to proliferate these programs.
However, from this newest presentation, it’s clear that the Five Eyes alliance wanted to launch a series of so called “man-in-the-middle” attacks. As the Intercept notes, this is a technique that is sometimes used by criminal hackers attempting to defraud people. The hacker in question lies and waits in between two computers and sniffs data packets as they pass between them. The goal of the entire project was to collect information on smartphone users without them noticing.
For its part, the CSE told the CBC that the “CSE is mandated to collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism. CSE does not direct its foreign signals intelligence activities at Canadians or anywhere in Canada.”
Google and Samsung declined to comment on the leak.
Make sure to check out the full reports on The Intercept and CBC. There’s a lot more to these revelations than I’ve detailed here, including the fact that the NSA and CSE discovered and exploited a significant vulnerability within the UC Browser, an app developed by Chinese e-commerce company Alibaba Group that’s popular in China and India.