NSA Planned to Plant Malware via Google & Samsung Phones

Uploaded on 2015-06-09 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

835fcaf3da5fc29465dcb812d508f91a.jpg

Malware in the Google Play Store and Samsung app store is nothing new, but when it comes from the US National Security Agency, then that’s a whole new threat level.

An NSA app-hijacking program, dubbed IRRITANT HORN, was set up by the US as part of a joint spying unit, according to new documents from controversial whistle-blower Edward Snowden and obtained by The Intercept and CBC News. It also involved the other Five Eyes - Canada, the UK, Australia and New Zealand.

Mobile phones became infected with malware and spyware by using web traffic around application servers, and document slides cite Google and Samsung servers in this process.

The plan was to intercept traffic before it reached to servers and infect certain users’ phones with malware and spyware, a type of “man-in-the-middle” attack. Once the malware is in the phone, it would relay sensitive information, such as contacts and nearly real-time location at all time. 

Last year, The Intercept also reported that the NSA had planned a mass infection of computers with malware, estimating millions in the crosshairs.

The documents are dated from 2011 to 2012 and it’s still unclear whether this plan was ever implemented or not. Regardless, the NSA has proven its disregard for user privacy many times, and it’s an equally startling reminder that our data may not be safe, even behind the mighty Google’s encryption. The fallout from this, and every new revelation that Snowden will reveal, is something to keep an eye on.
Techradar:  http://bit.ly/1IoZynp

« UK Secret Report Urges US Data Sharing
Anderson Report: Review Of UK Anti-Terror Data Laws. »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

Compnet

Compnet

Compnet is a service company that assists customers in integrating complete ICT systems including network infrastructure and security solutions.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

AlertFusion

AlertFusion

AlertFusion is a platform that makes security operations more effective. It complements existing tools and technologies, unifies operations, enhances process maturity and drives efficiencies.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Aite-Novarica Group

Aite-Novarica Group

Aite-Novarica's Cybersecurity practice provides ongoing research and advisory services to chief information security officers focused on protecting their companies’ assets.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.