The NSA Is Using Facebook to Hack Into Your Computer

The spy agency is not above infecting networks with malware by posing as the social-media site, according to newly released Snowden files.

In this photo illustration the Social networking site Facebook is reflected in the eye of a man on March 25, 2009 in London, England. The British government has made proposals which would force Social networking websites such as Facebook to pass on details of users, friends and contacts to help fight terrorism.
National Journal
Dustin Volz
March 12, 2014, 7:08 a.m.

This just in from the Ed­ward Snowden vault of gov­ern­ment secrets: The Na­tion­al Se­cur­ity Agency is break­ing in­to “po­ten­tially mil­lions of com­puters world­wide” and in­fect­ing them with mal­ware “im­plants” as part of an ef­fort that is in­creas­ingly re­ly­ing on auto­mated sys­tems and not hu­man over­sight, ac­cord­ing to a First Look Me­dia re­port pub­lished Wed­nes­day.

And the NSA is pre­tend­ing to be Face­book to get the job done.

“In some cases the NSA has mas­quer­aded as a fake Face­book serv­er, us­ing the so­cial-me­dia site as a launch­ing pad to in­fect a tar­get’s com­puter and ex­filtrate files from a hard drive,” First Look re­por­ted on Glenn Gre­en­wald’s In­ter­cept chan­nel, cit­ing a clas­si­fied slide present­a­tion from 2009. “In oth­ers, it has sent out spam emails laced with the mal­ware, which can be tailored to cov­ertly re­cord au­dio from a com­puter’s mi­cro­phone and take snap­shots with its web­cam. The hack­ing sys­tems have also en­abled the NSA to launch cy­ber­at­tacks by cor­rupt­ing and dis­rupt­ing file down­loads or deny­ing ac­cess to web­sites.”

As part of the “in­dus­tri­al-scale ex­ploit­a­tion,” the agency is lever­aging Face­book’s glob­al ap­peal to trick tar­gets in­to log­ging in to a dop­pel­gang­er ver­sion of the site, a tech­nique dubbed “Quan­tum­hand.”

“If this re­port is ac­cur­ate, the NSA is act­ing like a spam­bot,” said Har­ley Gei­ger, seni­or coun­sel at the Cen­ter for Demo­cracy & Tech­no­logy. “The use of mal­ware im­plants should be tar­geted against spe­cif­ic threats in tightly con­trolled situ­ations, but this kind of mass auto­mated sur­veil­lance would put count­less In­ter­net users at risk.”

First Look‘s re­port de­tails how the NSA was able to trick tar­get com­puters by trans­mit­ting “ma­li­cious data pack­ets” that dis­guise it as the real Face­book, a pro­cess il­lus­trated in this top-secret an­im­a­tion:

{{ BIZOBJ (video: 4810) }}

Face­book denied any know­ledge of the NSA’s mal­ware in­fec­tion pro­gram, and said its site is now pro­tec­ted against such at­tacks. But the com­pany sug­ges­ted that, if the al­leg­a­tions are true, oth­er so­cial net­works could also have been com­prom­ised.

“We have no evid­ence of this al­leged activ­ity,” a Face­book spokes­man told Na­tion­al Journ­al. “In any case, this meth­od of net­work level dis­rup­tion does not work for traffic car­ried over HT­TPS, which Face­book fin­ished in­teg­rat­ing by de­fault last year.”

“If gov­ern­ment agen­cies in­deed have priv­ileged ac­cess to net­work ser­vice pro­viders, any site run­ning only HT­TP could con­ceiv­ably have its traffic mis­dir­ec­ted.”

In re­sponse to the story, the NSA in a state­ment said, “Sig­nals in­tel­li­gence shall be col­lec­ted ex­clus­ively where there is a for­eign in­tel­li­gence or coun­ter­in­tel­li­gence pur­pose.”

UP­DATE: The Na­tion­al Se­cur­ity Agency on Thursday denied us­ing a dop­pel­gang­er ver­sion of Face­book, say­ing it lacks the abil­ity to do so and only con­ducts for­eign in­tel­li­gence op­er­a­tions that are “law­ful and ap­pro­pri­ate.”

What We're Following See More »
What the Current Crop of Candidates Could Learn from JFK
19 hours ago

Much has been made of David Brooks’s recent New York Times column, in which confesses to missing already the civility and humanity of Barack Obama, compared to who might take his place. In, Jeffrey Frank reminds us how critical such attributes are to foreign policy. “It’s hard to imagine Kennedy so casually referring to the leader of Russia as a gangster or a thug. For that matter, it’s hard to imagine any president comparing the Russian leader to Hitler [as] Hillary Clinton did at a private fund-raiser. … Kennedy, who always worried that miscalculation could lead to war, paid close attention to the language of diplomacy.”

Maher Weighs in on Bernie, Trump and Palin
20 hours ago

“We haven’t seen a true leftist since FDR, so many millions are coming out of the woodwork to vote for Bernie Sanders; he is the Occupy movement now come to life in the political arena.” So says Bill Maher in his Hollywood Reporter cover story (more a stream-of-consciousness riff than an essay, actually). Conservative states may never vote for a socialist in the general election, but “this stuff has never been on the table, and these voters have never been activated.” Maher saves most of his bile for Donald Trump and Sarah Palin, writing that by nominating Palin as vice president “John McCain is the one who opened the Book of the Dead and let the monsters out.” And Trump is picking up where Palin left off.