A surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from the "Five Eyes" alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.
According to NSA whistleblower Edward Snowden the NSA and its chums in the Five Eyes were working on new ways to exploit smartphone technology for surveillance.
The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting "at this time.")
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users' connections to app stores so that they would be able to send malicious "implants" to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
The new document shows how the agencies wanted to "exploit" app store servers — using them to launch so-called "man-in-the-middle" attacks to infect phones with the implants. IN this case the spooks would have modified the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.