NSA And GCHQ Spy On Targets Using Leaky Mobile Apps

US and UK intelligence agencies are exploiting data leakage flaws in popular mobile apps such as Angry Birds and Google Maps to gain information on targets, according to fresh Edward Snowden leaks.

One project was so successful it meant “anyone using Google Maps on a smartphone is working in support of a GCHQ system”. Certain exploits allowed agents to power up devices that had been switched off, whilst others allowed them to listen in on conversations.

The NSA said it would only use such techniques against valid targets, saying it focused on “only those communications that we are authorised by law to collect for valid foreign intelligence and counterintelligence purposes”.

Other methods exploited code deployed by advertising networks. One of those ad networks, Millennial Media, was said to be working with Angry Birds creator Rovio, which said it did not work with the intelligence agencies and knew nothing of the snooping, according to the Guardian.

Angry Birds was specifically cited in one GCHQ document detailing ways to attack mobile apps.

Mobile app weaknesses

Intelligence agencies could exploit a host of vulnerabilities in the world’s most popular mobile apps, which have been uncovered over the last year. FireEye and MWR InfoSecurity researchers have revealed flaws opened up by ad networks, including Millennial and another big player, InMobi.

Both have libraries that appear in many of the world’s most popular free applications and include a JavaScript interface: a Java object that the ad network’s web content can call from inside the app’s WebView. This lets the ad networks learn more about users or carry out actions on a user’s device, such as taking pictures or turning on the microphone. In theory this happens with the consent of the user, but if the ad content is fetched over plain HTTP rather than encrypted HTTPS, anyone who can tamper with traffic on the path can inject their own JavaScript into the ad and call the same interface.

Earlier this month, FireEye said at least 47 percent of the top 40 ad libraries have one or more versions of their code in active use by popular apps on Google Play containing such weaknesses.

Exploiting these weaknesses has now become incredibly easy, as frameworks like the massively popular Metasploit hacking tool have made it possible to carry out attacks by simply clicking a few buttons.

“The NSA has some very clever people working for them in an offensive capacity; it would be naive to believe that they aren’t capable of finding the same vulnerabilities, exploiting them and/or weaponising them,” David Hartley, from MWR InfoSecurity, told TechWeekEurope.

“When I presented my research I did find that games such as Angry Birds were vulnerable to the addJavascriptInterface issue. Lots of popular games are/were, Tetris, Fruit Ninja, etc.”
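To make the weakness Hartley and the FireEye researchers describe concrete, the following Android snippet is an added example written for this page; it is not code from the page, from Rovio, from MWR or from any ad network. The class names, the `AdBridge` object and the URLs are hypothetical. It shows a WebView set up the way a leaky ad library would set it up, next to a hardened version of the same thing.

```java
// Added example (not from the article or any real ad SDK).
// Hypothetical class names and URLs.
import android.annotation.SuppressLint;
import android.content.Context;
import android.webkit.JavascriptInterface;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public class AdWebViewExample {

    // Object handed to the ad's JavaScript as window.AdBridge.
    // With targetSdkVersion < 17 EVERY public method is callable from the
    // page (and getClass() gives the page reflection over the whole app);
    // from API 17 on, only methods marked @JavascriptInterface are exposed.
    public static class AdBridge {
        private final Context ctx;
        AdBridge(Context ctx) { this.ctx = ctx; }

        // What the ad network actually needs.
        @JavascriptInterface
        public String getDeviceModel() { return android.os.Build.MODEL; }

        // Left public "for convenience": reachable from the page on old targets.
        public void launchCamera() { /* would fire a camera intent */ }
    }

    // VULNERABLE: the creative is fetched over plain HTTP, so anyone on the
    // network path who rewrites the response gets to run JavaScript with
    // full access to AdBridge. This is the "done over HTTP" case in the text.
    @SuppressLint({"SetJavaScriptEnabled", "AddJavascriptInterface"})
    public static void loadAdVulnerable(WebView view, Context ctx) {
        WebSettings s = view.getSettings();
        s.setJavaScriptEnabled(true);
        view.addJavascriptInterface(new AdBridge(ctx), "AdBridge");
        view.loadUrl("http://ads.example.invalid/creative.html");
    }

    // HARDENED: same feature, smaller attack surface.
    @SuppressLint("SetJavaScriptEnabled")
    public static void loadAdHardened(WebView view, Context ctx) {
        final String adOrigin = "https://ads.example.invalid/";
        WebSettings s = view.getSettings();
        s.setJavaScriptEnabled(true);
        // The bridge should not be able to read app-private or content:// data.
        s.setAllowFileAccess(false);
        s.setAllowContentAccess(false);
        s.setAllowFileAccessFromFileURLs(false);
        s.setAllowUniversalAccessFromFileURLs(false);

        // Refuse to navigate anywhere that is not the expected HTTPS origin,
        // so an injected or redirected page never gets to talk to the bridge.
        // Do NOT override onReceivedSslError to call proceed(): the default
        // cancels the load on a bad certificate, which is what we want.
        view.setWebViewClient(new WebViewClient() {
            @Override
            public boolean shouldOverrideUrlLoading(WebView v, String url) {
                return !url.startsWith(adOrigin); // true = block
            }
        });

        // Only @JavascriptInterface methods are exposed once the app targets
        // API 17 or later; the bridge itself is kept to the minimum.
        view.addJavascriptInterface(new AdBridge(ctx), "AdBridge");
        view.loadUrl(adOrigin + "creative.html");
    }

    // Call when the ad is dismissed so the object is not left reachable.
    public static void tearDown(WebView view) {
        view.removeJavascriptInterface("AdBridge");
        view.loadUrl("about:blank");
    }
}
```

The two differences that matter are the scheme of the URL and the targetSdkVersion: HTTPS (with the default certificate checking left in place) stops a network attacker from altering the creative, and targeting API 17 or later restricts the page to the annotated methods. Neither change on its own is enough, since an HTTPS page with a reflection-capable bridge is still one compromised ad server away from code execution.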

Redaction controversy

Meanwhile, the Guardian and other papers involved in the Edward Snowden leaks have faced criticism for not properly redacting information on the documents made public yesterday. It was simple to reveal the blacked-out information by copying and pasting it into another file and changing formatting.

The documents placed online have now had information properly redacted, but it is believed a US agent’s name is now out in the open, along with other sensitive information.

A separate leak, published by NBC News, showed how spies tapped into networks to gain an insight into people’s social media and YouTube activity, without gaining permission from the tech companies running those services.


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
