Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

The U.S. National Security Agency (NSA) and its intelligence partners in the Five Eyes alliance exploited weaknesses in cell phone apps to spy on users, new documents reveal. (Photo: Japanexperterna.se/cc)

'Weaponizing Vulnerabilities': New Snowden Doc Reveals Spy Agencies Targeted Smartphones

The 'Five Eyes' alliance exploited weaknesses in popular browser and planned to hijack links to app stores to implant spyware on mobile phones, new documents show

Nadia Prupis

The intelligence alliance known as Five Eyes—comprising the U.S., Canada, New Zealand, the United Kingdom, and Australia—exploited security weaknesses in one of the world's most popular browsers to obtain data about users and planned to use links to Google and Samsung app stores to infect smartphones with spyware, a top secret National Security Agency (NSA) document published Wednesday has revealed.

According to the 2012 document, leaked by whistleblower Edward Snowden and published jointly by CBC News and The Intercept, the NSA and its international counterparts took part in a series of workshops between November 2011 and February 2012 to find new ways to exploit smartphone technology for spying operations.

The Intercept reports:

As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.

CBC continues:

The Five Eyes alliance targeted servers where smartphones get directed whenever users download or update an app from Google and Samsung stores.

...Ultimately, the spy agencies wanted to implant spyware on certain smartphones to take control of a person's device or extract data from it, the document suggests.

The spy agencies also sought to match their targets' smartphone devices to their online activities, using databases of emails, chats and browsing histories kept in the Five Eyes' powerful XKeyScore tool to help build profiles on the people they were tracking.

The project emerged in part due to concerns about the possibility of "another Arab spring," referring to the 2011 wave of revolutionary actions in Tunisia, Egypt, and other countries in the Middle East and North Africa where several autocratic, Western-backed leaders were ousted.

"Respecting agreements not to spy on each others' citizens, the spying partners focused their attention on servers in non-Five Eyes countries, the document suggests," write CBC's Amber Hildebrandt and Dave Seglins. "The agencies targeted mobile app servers in France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia."

The spy agencies also began targeting UC Browser—a popular app in India and China with growing usage in North America—in late 2011 after learning that it had leaked information about its half-billion users.

According to the reporting, the operation was launched by a joint surveillance unit called the Network Tradecraft Advancement Team, which includes spies from each of the Five Eyes nations.

The document frames the plan as a move for national security, with the agencies seeking to collect data or spy indefinitely on mobile phones of "suspected terrorists." But they did so without alerting the public or the phone companies of the browser's weaknesses, which "potentially put millions of users in danger of their data being accessed by other governments' agencies, hackers or criminals," Hildebrandt and Seglins write.

"Of course, the security agencies don’t [disclose the information]," Ron Deibert, executive director of digital rights group Citizen Lab, which identified security gaps in UC Browser and alerted the company to those issues in April, told CBC. "Instead, they harbor the vulnerability. They essentially weaponize it."


Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.

... We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.

Africans Should Be 'Applauded, Not Punished,' Say Advocates Amid Omicron Travel Ban

"What is going on right now is inevitable," said African Union Vaccine Delivery Alliance co-chair Dr. Ayoade Alakija. "It's a result of the world's failure to vaccinate in an equitable, urgent, and speedy manner."

Brett Wilkins ·


Biden Drilling Report Blasted as 'Shocking Capitulation to the Needs of Corporate Polluters'

"Greenlighting more fossil fuel extraction, then pretending it's OK by nudging up royalty rates, is like rearranging deck chairs on the Titanic," said one campaigner.

Jessica Corbett ·


UNESCO Members Adopt First Global AI Ethics Agreement 'To Benefit Humanity'

"We're at a critical juncture in history," said Ethics in Tech founder Vahid Razavi. "We need as humans to come together and decide what is the best course of action to take with these technologies before they surpass us in their abilities."

Brett Wilkins ·


Progressive US Lawmakers Mark Black Friday With Calls to Pass the PRO Act

"The right to organize, fight for better working conditions, and fair pay must always be protected."

Jessica Corbett ·


'We Are Fighting Back': Global Black Friday Strikes and Protests Seek to #MakeAmazonPay

"We are workers and activists divided by geography and our role in the global economy but united in our commitment to Make Amazon Pay fair wages, its taxes, and for its impact on the planet."

Kenny Stancil ·

Support our work.

We are independent, non-profit, advertising-free and 100% reader supported.

Subscribe to our newsletter.

Quality journalism. Progressive values.
Direct to your inbox.

Subscribe to our Newsletter.


Common Dreams, Inc. Founded 1997. Registered 501(c3) Non-Profit | Privacy Policy
Common Dreams Logo