Five Eyes cabal targeted app stores to plant malicious spyware

21 May 2015

New documents leaked about the five-nation alliance of the US, the UK, Canada, Australia and New Zealand – known as Five Eyes – have shown that they planted spyware in app stores for mass effect.

Targeting specifically the increasingly popular mobile browser, the Alibaba-owned UC Browser, the documents, which are linked to Edward Snowden’s leaked NSA files, show that from 2011 its half-billion users gave it an enormous database of potential targets for terrorism offences.

The team who looked at the browser found it contained a series of security flaws, including lending its users’ mobile phone numbers and other mobile device information to its Chinese servers, and wide-eyed described its potential as an “opportunity where potentially none may have existed before”.

According to CBC News in Canada, the group not only targeted the browser but also vulnerabilities within Google and Samsung’s app stores that would place spyware in apps for download, allowing the downloader’s movements and online activities to be tracked.

Power of XKeyscore

The document and slideshow explaining the programme dates from 2012 and unsurprisingly the group did not make the companies involved in the spyware booby traps, or the people who downloaded them, aware of its activities.

Once the spyware was downloaded on to a target’s phone, the Five Eyes group then planned on using the power of XKeyscore, its tracking software, which could build an entire online profile of anyone on the internet, and run it on individuals under suspicion.

Because of the agreement between the five nations, the vulnerabilities were only targeted at countries outside the cabal, with many of the targets residing in countries including Russia, Cuba, France and Switzerland.

Alibaba reacted slowly to news

Citizen Lab, a Canadian human and digital rights group, told CBC News that the flaws that the NSA et al had found were known to Citizen Lab and it had alerted Alibaba of the flaws back in April, but it only released an update to fix them last week.

“We should be troubled by the notion of our spy agencies — and in a sense our government — actively looking for vulnerabilities or weaknesses in the software that millions of people are using,” said Michael Geist, expert in internet law from the University of Ottowa.

“That feels in many respects like a significant abdication of what I think most would expect from [the Canadian] government.”

Google Play Store on mobile image via Shutterstock

Colm Gorey was a senior journalist with Silicon Republic

editorial@siliconrepublic.com