- Jan 8, 2011
- 22,361
"The NSA developed a plan to deliver malware through Google and Samsung app stores, according to newly published documents obtained by Edward Snowden and published by The Intercept. The documents details a program called IRRITANT HORN, which delivers malware by intercepting web traffic to and from mobile application servers.
One slide details Samsung's update protocol, while another pinpoints the Google Play servers in France, used to deliver updates to phones throughout northern Africa.
Once the path to those servers was established, the NSA could intercept traffic before it reached the servers, injecting malware to specific users through a man-in-the-middle attack. The files would appear to come from a trusted app store, but they would really be coming from the NSA. From there, the NSA could deliver tools from its extensive catalog of surveillance programs, including pulling a user's contact list or reporting their location in near-real-time.
Both Samsung and Google employ TLS encryption to protect against man-in-the-middle attacks like this, but cryptographers have been speculating for years that the NSA has found a way to break or circumvent those protections."
Read more: NSA planned to hijack Google Play App Store and Hack Smartphones
https://firstlook.org/theintercept/2015/05/21/nsa-five-eyes-google-samsung-app-stores-spyware/
One slide details Samsung's update protocol, while another pinpoints the Google Play servers in France, used to deliver updates to phones throughout northern Africa.
Once the path to those servers was established, the NSA could intercept traffic before it reached the servers, injecting malware to specific users through a man-in-the-middle attack. The files would appear to come from a trusted app store, but they would really be coming from the NSA. From there, the NSA could deliver tools from its extensive catalog of surveillance programs, including pulling a user's contact list or reporting their location in near-real-time.
Both Samsung and Google employ TLS encryption to protect against man-in-the-middle attacks like this, but cryptographers have been speculating for years that the NSA has found a way to break or circumvent those protections."
Read more: NSA planned to hijack Google Play App Store and Hack Smartphones
https://firstlook.org/theintercept/2015/05/21/nsa-five-eyes-google-samsung-app-stores-spyware/
Last edited: