The U.S. National Security Agency (NSA) and its intelligence partners in the Five Eyes alliance exploited weaknesses in cell phone apps to spy on users, new documents reveal. (Photo: Japanexperterna.se/cc)
May 21, 2015
The intelligence alliance known as Five Eyes--comprising the U.S., Canada, New Zealand, the United Kingdom, and Australia--exploited security weaknesses in one of the world's most popular browsers to obtain data about users and planned to use links to Google and Samsung app stores to infect smartphones with spyware, a top secret National Security Agency (NSA) document published Wednesday has revealed.
According to the 2012 document, leaked by whistleblower Edward Snowden and published jointly by CBC News and The Intercept, the NSA and its international counterparts took part in a series of workshops between November 2011 and February 2012 to find new ways to exploit smartphone technology for spying operations.
The Intercept reports:
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users' connections to app stores so that they would be able to send malicious "implants" to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
CBC continues:
The Five Eyes alliance targeted servers where smartphones get directed whenever users download or update an app from Google and Samsung stores.
...Ultimately, the spy agencies wanted to implant spyware on certain smartphones to take control of a person's device or extract data from it, the document suggests.
The spy agencies also sought to match their targets' smartphone devices to their online activities, using databases of emails, chats and browsing histories kept in the Five Eyes' powerful XKeyScore tool to help build profiles on the people they were tracking.
The project emerged in part due to concerns about the possibility of "another Arab spring," referring to the 2011 wave of revolutionary actions in Tunisia, Egypt, and other countries in the Middle East and North Africa where several autocratic, Western-backed leaders were ousted.
"Respecting agreements not to spy on each others' citizens, the spying partners focused their attention on servers in non-Five Eyes countries, the document suggests," write CBC's Amber Hildebrandt and Dave Seglins. "The agencies targeted mobile app servers in France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia."
The spy agencies also began targeting UC Browser--a popular app in India and China with growing usage in North America--in late 2011 after learning that it had leaked information about its half-billion users.
According to the reporting, the operation was launched by a joint surveillance unit called the Network Tradecraft Advancement Team, which includes spies from each of the Five Eyes nations.
The document frames the plan as a move for national security, with the agencies seeking to collect data or spy indefinitely on mobile phones of "suspected terrorists." But they did so without alerting the public or the phone companies of the browser's weaknesses, which "potentially put millions of users in danger of their data being accessed by other governments' agencies, hackers or criminals," Hildebrandt and Seglins write.
"Of course, the security agencies don't [disclose the information]," Ron Deibert, executive director of digital rights group Citizen Lab, which identified security gaps in UC Browser and alerted the company to those issues in April, told CBC. "Instead, they harbor the vulnerability. They essentially weaponize it."
Why Your Ongoing Support Is Essential
Donald Trump’s attacks on democracy, justice, and a free press are escalating — putting everything we stand for at risk. We believe a better world is possible, but we can’t get there without your support. Common Dreams stands apart. We answer only to you — our readers, activists, and changemakers — not to billionaires or corporations. Our independence allows us to cover the vital stories that others won’t, spotlighting movements for peace, equality, and human rights. Right now, our work faces unprecedented challenges. Misinformation is spreading, journalists are under attack, and financial pressures are mounting. As a reader-supported, nonprofit newsroom, your support is crucial to keep this journalism alive. Whatever you can give — $10, $25, or $100 — helps us stay strong and responsive when the world needs us most. Together, we’ll continue to build the independent, courageous journalism our movement relies on. Thank you for being part of this community. |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
The intelligence alliance known as Five Eyes--comprising the U.S., Canada, New Zealand, the United Kingdom, and Australia--exploited security weaknesses in one of the world's most popular browsers to obtain data about users and planned to use links to Google and Samsung app stores to infect smartphones with spyware, a top secret National Security Agency (NSA) document published Wednesday has revealed.
According to the 2012 document, leaked by whistleblower Edward Snowden and published jointly by CBC News and The Intercept, the NSA and its international counterparts took part in a series of workshops between November 2011 and February 2012 to find new ways to exploit smartphone technology for spying operations.
The Intercept reports:
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users' connections to app stores so that they would be able to send malicious "implants" to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
CBC continues:
The Five Eyes alliance targeted servers where smartphones get directed whenever users download or update an app from Google and Samsung stores.
...Ultimately, the spy agencies wanted to implant spyware on certain smartphones to take control of a person's device or extract data from it, the document suggests.
The spy agencies also sought to match their targets' smartphone devices to their online activities, using databases of emails, chats and browsing histories kept in the Five Eyes' powerful XKeyScore tool to help build profiles on the people they were tracking.
The project emerged in part due to concerns about the possibility of "another Arab spring," referring to the 2011 wave of revolutionary actions in Tunisia, Egypt, and other countries in the Middle East and North Africa where several autocratic, Western-backed leaders were ousted.
"Respecting agreements not to spy on each others' citizens, the spying partners focused their attention on servers in non-Five Eyes countries, the document suggests," write CBC's Amber Hildebrandt and Dave Seglins. "The agencies targeted mobile app servers in France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia."
The spy agencies also began targeting UC Browser--a popular app in India and China with growing usage in North America--in late 2011 after learning that it had leaked information about its half-billion users.
According to the reporting, the operation was launched by a joint surveillance unit called the Network Tradecraft Advancement Team, which includes spies from each of the Five Eyes nations.
The document frames the plan as a move for national security, with the agencies seeking to collect data or spy indefinitely on mobile phones of "suspected terrorists." But they did so without alerting the public or the phone companies of the browser's weaknesses, which "potentially put millions of users in danger of their data being accessed by other governments' agencies, hackers or criminals," Hildebrandt and Seglins write.
"Of course, the security agencies don't [disclose the information]," Ron Deibert, executive director of digital rights group Citizen Lab, which identified security gaps in UC Browser and alerted the company to those issues in April, told CBC. "Instead, they harbor the vulnerability. They essentially weaponize it."
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
The intelligence alliance known as Five Eyes--comprising the U.S., Canada, New Zealand, the United Kingdom, and Australia--exploited security weaknesses in one of the world's most popular browsers to obtain data about users and planned to use links to Google and Samsung app stores to infect smartphones with spyware, a top secret National Security Agency (NSA) document published Wednesday has revealed.
According to the 2012 document, leaked by whistleblower Edward Snowden and published jointly by CBC News and The Intercept, the NSA and its international counterparts took part in a series of workshops between November 2011 and February 2012 to find new ways to exploit smartphone technology for spying operations.
The Intercept reports:
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users' connections to app stores so that they would be able to send malicious "implants" to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
CBC continues:
The Five Eyes alliance targeted servers where smartphones get directed whenever users download or update an app from Google and Samsung stores.
...Ultimately, the spy agencies wanted to implant spyware on certain smartphones to take control of a person's device or extract data from it, the document suggests.
The spy agencies also sought to match their targets' smartphone devices to their online activities, using databases of emails, chats and browsing histories kept in the Five Eyes' powerful XKeyScore tool to help build profiles on the people they were tracking.
The project emerged in part due to concerns about the possibility of "another Arab spring," referring to the 2011 wave of revolutionary actions in Tunisia, Egypt, and other countries in the Middle East and North Africa where several autocratic, Western-backed leaders were ousted.
"Respecting agreements not to spy on each others' citizens, the spying partners focused their attention on servers in non-Five Eyes countries, the document suggests," write CBC's Amber Hildebrandt and Dave Seglins. "The agencies targeted mobile app servers in France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia."
The spy agencies also began targeting UC Browser--a popular app in India and China with growing usage in North America--in late 2011 after learning that it had leaked information about its half-billion users.
According to the reporting, the operation was launched by a joint surveillance unit called the Network Tradecraft Advancement Team, which includes spies from each of the Five Eyes nations.
The document frames the plan as a move for national security, with the agencies seeking to collect data or spy indefinitely on mobile phones of "suspected terrorists." But they did so without alerting the public or the phone companies of the browser's weaknesses, which "potentially put millions of users in danger of their data being accessed by other governments' agencies, hackers or criminals," Hildebrandt and Seglins write.
"Of course, the security agencies don't [disclose the information]," Ron Deibert, executive director of digital rights group Citizen Lab, which identified security gaps in UC Browser and alerted the company to those issues in April, told CBC. "Instead, they harbor the vulnerability. They essentially weaponize it."
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.