Following on from leaks revealing that the GCHQ obtained data from Angry Birds, Rovio confirmed that hackers defaced the video game's website on Wednesday. The website temporarily showed an image entitled ‘Spying Birds' and this included the NSA logo.
Rovio said that it did not “collaborate or collude” with any government spy agency.
“We do not collaborate, collude, or share data with spy agencies anywhere in the world,” said Rovio Entertainment CEO Mikael Hed in a statement. “As the alleged surveillance might be happening through third party advertising networks, the most important conversation to be had is how to ensure user privacy is protected while preventing the negative impact on the whole advertising industry and the countless mobile apps that rely on ad networks.”
“In order to protect our end users, we will, like all other companies using third party advertising networks, have to re-evaluate working with these networks if they are being used for spying purposes.”
It appears that cyber criminals carried out a DNS (Domain Name System) attack – where the website's name servers are swapped with another under the attackers' control -- and this is said to bear some resemblance to the Syrian Electronic Army's attacks on The New York Times last year.
However, the group itself has denied responsibility but says that it heard about the breach from an anonymous third-party.
"A friend hacked and defaced @Angrybirds website after reports confirms its spying on people,” the group posted on Twitter, adding a link to a saved image of the defaced website.
“The attack was by 'Anti-NSA' Hacker. He sent an email to our official email with the link of the hacked website."
This attack comes days after the New York Times, ProPublica and The Guardian posted copies of the latest documents leaked by whistleblower Edward Snowden. In the documents, the former CIA contractor suggests that both the NSA and GCHQ have worked together since 2007 to devise ways to access information from smartphone and tablet apps.
A secret GCHQ report, also recently published, revealed that both agencies had engineered a way of harvesting user data if they installed Angry Birds on an Android device. This data apparently included the owner's age, sex, location and even information on when they were listening to music or making a call.
“It is not a surprise to hear that the NSA gathers information from Angry Birds. The information provided by these apps has already proven lucrative to both advertisers and developers so it stands to reason that it is also valuable to intelligence agencies, Vicente Diaz, Senior Malware Analyst at Kaspersky Lab, told SCMagazineUK.com.
Edward Parsons, senior manager for information protection and business resilience at KPMG UK, hopes that these latest revelations prompt mobile users to improve their security.
“Smartphone applications offer a vast range of benefits to users and provide a platform for innovative service delivery. In the rush to market, security can come second, offering the opportunity for both nations and organised crime groups to collect sensitive information on smartphone users and their activities, as well as providing avenues to exploit vulnerabilities in app software and the smartphones which run it," he told SCMagazineUK.com.
"A poorly configured smartphone may be the best espionage tool ever created with camera, microphone, GPS and Internet connection.
“Smartphone users need to exercise care in downloading and installing apps, including limiting the access they grant. Users can protect themselves by carefully considering the terms and conditions when purchasing apps, though this is easier said than done, the reality is that they are often complex and opaque, and frequently ignored as the latest and greatest app is installed in haste.”