Earlier in the week, we reported that dozens of popular apps including Instagram, Facebook, and Angry Birds were considered “leaky” by the NSA and GCHQ, and that both agencies had been exploiting the vulnerabilities in each to identify and classify users automatically based on information gathered.
By scraping up the advertising data that was unknowingly seeping through the cracks of these popular applications, the government was able to learn about the gender, race, political affiliation, and even sexual orientation of whoever was in control of the phone they happened to have their sights set on at the time.
Now an unnamed hacktivist group has taken to the internet to voice their displeasure over these practices, utilizing their unique skillset to deface the Angry Birds website with their newest version of the handheld game: “Spying Birds“.
Nothing is known about the hackers behind the tongue-in-cheek graffiti-style hack, other than the name they chose to fly their flag under, the mind-blowingly creative moniker “Anti-NSA Hacker”. On the surface it doesn’t seem that anything of actual value was taken or compromised during the short time the website spent advertising an entirely different game, although the investigation is ongoing and nothing has been ruled out as a possibility just yet.
“It’s not clear if Rovio’s web servers were compromised or if the hacker managed to hijack the firm’s DNS records and send visiting computers to a third party site carrying the image instead. Whatever the details of how the hack was perpetrated, it appears to have only been present for a few minutes and the company made its website unavailable for 90 minutes while it confirmed that its systems were now secured.”
All in all the not-so-subtle message lasted only around an hour and a half before it was taken down by internal engineers working for the publisher, and the only way you’d even know it happened is by taking a closer look at Google’s cache of the page while it was still functional.
Rovio was far from the only developer named in the program that was run by the NSA, but it’s probably safe to assume they take the cake as one of the more prolific titles up for public scrutiny in this case.
The company continues to deny that had any involvement with the data-slurping assignment, and that they were just as surprised as the rest of us to learn just how much information the government had acquired through back channels attached to their app.