IoT-Gadgets-Logo-272-90

New NSA documents reveal plans to deliver malware through the Google Play Store and Samsung Store

New documents show how the NSA wanted / wants to compromise Google Play Store and Samsung Store servers in order to inject malware onto your Smartphone.
By
Ash
 - 
May 22, 2015

 
Smartphones carry Information that contains everything about us, our name / address, where we go, who we see and how we communicate with the world (social media). Some feel that this is private informartion, some like the NSA believe this is really their Information and forget things like privacy and civil liberties. Now, according to newly published documents obtained by Edward Snowden and published by The Intercept, the NSA had plans to deliver malware through Google and Samsung app stores. The program was called IRRITANT HORN, and it was a mechanism to delivers malware by intercepting web traffic to and from mobile application servers.

The documents showed a slide that detailed Samsung's update protocol, whilst another targetted Google Play servers in France, which the company uses to deliver updates to Smartphones throughout northern Africa. Once the NSA could compromise these servers, the NSA could intercept traffic before it reached the servers, injecting malware to specific users through a man-in-the-middle attack. The end user would be oblivious to the attack, as they would "think" the data was coming from either of the Samsung or Google app stores, but in-fact it would be from the NSA, where they could send along tools to take all your information, including contact Information, locations, pictures or ANYTHING.

 
finding-app-servers.0
 

Both Samsung and Google employ TLS encryption to protect against man-in-the-middle attacks like this, but cryptographers have been speculating for years that the NSA has found a way to break or circumvent those protections. The documents date from November 2011 to February 2012, and there is no Information if the project was put in effect or if it is currently in use. All we know is that the NSA couldn't give a stuff about your privacy, as it is a law unto itself.

 

IoT-Gadgets-Logo-272-90

About us

IoT Gadgets is dedicated to bring you all the Internet of Things IoT news that pertains to gadgets. Simple. We love for you to join us on this journey.

Contact us: [email protected]

FOLLOW US

crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram