The United States and its leading Western allies have planned to exploit Google Play through their links to Google and Samsung’s app stores, CBC News and The Intercept reported. They wanted to infect apps with spyware to send misinformation to targets, according to documents released to the media by National Security Agency whistle –blower Edward Snowden.
The intelligence agencies also began targeting the mobile browser UC Browser in the late 2011, after discovering it leaked revealing details about its users. UC Browser runs on android, iOS, Windows Phone, BlackBerry, Java ME and Symbian. Owned by Chinese e-commerce giant Alibaba, UC Browser is the world’s leading third party mobile browser, accounting for nearly 13 percent of the market in March, according to Sitepoint.
United States and their Western allies focused most of their efforts to spy on Africa especially Senegal, Sudan and Congo where Muslim populations have been restive. This was a measure that was implemented by U.S and their allies because they did not want to spy on their citizens. However, Samsung’s and Google’s mobile app servers were located in France, Switzerland, the Netherlands, Cuba, Morocco, the Bahamas and Russia. The intelligence services reportedly found one country’s military unit using UC Browser for covert communications about its operation in Western countries.
Dave Bullas the director pre-sales engineering at Stealthbits said,” it should come as no comfort that these agencies haven’t yet used these techniques against their own people, any developer will tell you that the best way to build a tool that works is to get it working in one place before using it somewhere else.”
The agencies held a series of workshops in Australia and Canada in late 2011 and early 2012 on finding way to exploit Google Play or rule over smartphone for surveillance, The Intercept reported. The used the NSA-developed Xkeyscore system to identify smartphone traffic on the Internet then track down the smartphones’ connections to Samsung’s and Google’s app marketplace servers.
The agencies apparently set up a pilot project codenamed ” Irritant Horn,” under which they developed a way to hack and hijack phone users’ connections to app stores, so they could send malicious implants to targeted devices. The implants would be used to collect data covertly from the smartphones. The agencies reportedly also planned to harvest data about phone users from the app store servers. These revelations show intelligence services around the world has gone a notch higher in finding ways to curb attacks and counter terrorism, and maybe Kenya’s NIS could join in.