

NSA Planned to Hijack Google App Store to Hack Smartphones - etiam
https://firstlook.org/theintercept/2015/05/21/nsa-five-eyes-google-samsung-app-stores-spyware/

======
mmrasheed
Wouldn't it be much easier to buy some of the leaky/crapy but popular apps,
and then infect the target phones? Or, perhaps develop few apps providing free
backup/storage/VPN/proxy services? There are so many small companies provide
phone backup services who technically ask for all critical permissions in the
phones. There are many flash light apps who ask for so many unnecessary
permissions, yet their downloads are in millions.

Certainly, Apple app screening would be pain in the a$$, but Google play store
is still very flexible.

------
junto
I wonder how many other apps are leaking like sieves?

    
    
       According to the top-secret document, the agencies
       discovered that the UC Browser app was leaking a gold mine
       of identifying information about its users’ phones. 
    

Does anyone know how it was leaking? Was it just neglecting to use SSL?

