The NSA Is Using Facebook to Hack Into Your Computer

The spy agency is not above infecting networks with malware by posing as the social-media site, according to newly released Snowden files.

In this photo illustration the Social networking site Facebook is reflected in the eye of a man on March 25, 2009 in London, England. The British government has made proposals which would force Social networking websites such as Facebook to pass on details of users, friends and contacts to help fight terrorism.
National Journal
Dustin Volz
March 12, 2014, 7:08 a.m.

This just in from the Ed­ward Snowden vault of gov­ern­ment secrets: The Na­tion­al Se­cur­ity Agency is break­ing in­to “po­ten­tially mil­lions of com­puters world­wide” and in­fect­ing them with mal­ware “im­plants” as part of an ef­fort that is in­creas­ingly re­ly­ing on auto­mated sys­tems and not hu­man over­sight, ac­cord­ing to a First Look Me­dia re­port pub­lished Wed­nes­day.

And the NSA is pre­tend­ing to be Face­book to get the job done.

“In some cases the NSA has mas­quer­aded as a fake Face­book serv­er, us­ing the so­cial-me­dia site as a launch­ing pad to in­fect a tar­get’s com­puter and ex­filtrate files from a hard drive,” First Look re­por­ted on Glenn Gre­en­wald’s In­ter­cept chan­nel, cit­ing a clas­si­fied slide present­a­tion from 2009. “In oth­ers, it has sent out spam emails laced with the mal­ware, which can be tailored to cov­ertly re­cord au­dio from a com­puter’s mi­cro­phone and take snap­shots with its web­cam. The hack­ing sys­tems have also en­abled the NSA to launch cy­ber­at­tacks by cor­rupt­ing and dis­rupt­ing file down­loads or deny­ing ac­cess to web­sites.”

As part of the “in­dus­tri­al-scale ex­ploit­a­tion,” the agency is lever­aging Face­book’s glob­al ap­peal to trick tar­gets in­to log­ging in to a dop­pel­gang­er ver­sion of the site, a tech­nique dubbed “Quan­tum­hand.”

“If this re­port is ac­cur­ate, the NSA is act­ing like a spam­bot,” said Har­ley Gei­ger, seni­or coun­sel at the Cen­ter for Demo­cracy & Tech­no­logy. “The use of mal­ware im­plants should be tar­geted against spe­cif­ic threats in tightly con­trolled situ­ations, but this kind of mass auto­mated sur­veil­lance would put count­less In­ter­net users at risk.”

First Look‘s re­port de­tails how the NSA was able to trick tar­get com­puters by trans­mit­ting “ma­li­cious data pack­ets” that dis­guise it as the real Face­book, a pro­cess il­lus­trated in this top-secret an­im­a­tion:

{{ BIZOBJ (video: 4810) }}

Face­book denied any know­ledge of the NSA’s mal­ware in­fec­tion pro­gram, and said its site is now pro­tec­ted against such at­tacks. But the com­pany sug­ges­ted that, if the al­leg­a­tions are true, oth­er so­cial net­works could also have been com­prom­ised.

“We have no evid­ence of this al­leged activ­ity,” a Face­book spokes­man told Na­tion­al Journ­al. “In any case, this meth­od of net­work level dis­rup­tion does not work for traffic car­ried over HT­TPS, which Face­book fin­ished in­teg­rat­ing by de­fault last year.”

“If gov­ern­ment agen­cies in­deed have priv­ileged ac­cess to net­work ser­vice pro­viders, any site run­ning only HT­TP could con­ceiv­ably have its traffic mis­dir­ec­ted.”

In re­sponse to the story, the NSA in a state­ment said, “Sig­nals in­tel­li­gence shall be col­lec­ted ex­clus­ively where there is a for­eign in­tel­li­gence or coun­ter­in­tel­li­gence pur­pose.”

UP­DATE: The Na­tion­al Se­cur­ity Agency on Thursday denied us­ing a dop­pel­gang­er ver­sion of Face­book, say­ing it lacks the abil­ity to do so and only con­ducts for­eign in­tel­li­gence op­er­a­tions that are “law­ful and ap­pro­pri­ate.”

What We're Following See More »
Trump Won’t Debate Sanders After All
3 days ago

Trump, in a statement: “Based on the fact that the Democratic nominating process is totally rigged and Crooked Hillary Clinton and Deborah Wasserman Schultz will not allow Bernie Sanders to win, and now that I am the presumptive Republican nominee, it seems inappropriate that I would debate the second place finisher. ... I will wait to debate the first place finisher in the Democratic Party, probably Crooked Hillary Clinton, or whoever it may be.”

UAW: Time to Unite Behind Hillary
4 days ago

"It's about time for unity," said UAW President Dennis Williams. "We're endorsing Hillary Clinton. She's gotten 3 million more votes than Bernie, a million more votes than Donald Trump. She's our nominee." He called Sanders "a great friend of the UAW" while saying Trump "does not support the economic security of UAW families." Some 28 percent of UAW members indicated their support for Trump in an internal survey.

Trump Clinches Enough Delegates for the Nomination
4 days ago

"Donald Trump on Thursday reached the number of delegates needed to clinch the Republican nomination for president, completing an unlikely rise that has upended the political landscape and sets the stage for a bitter fall campaign. Trump was put over the top in the Associated Press delegate count by a small number of the party's unbound delegates who told the AP they would support him at the convention."

Trump/Sanders Debate Before California Primary?
4 days ago
California: It’s Not Over Yet
4 days ago

"Clinton and Bernie Sanders "are now devoting additional money to television advertising. A day after Sanders announced a new ad buy of less than $2 million in the state, Clinton announced her own television campaign. Ads featuring actor Morgan Freeman as well as labor leader and civil rights activist Dolores Huerta will air beginning on Fridayin Fresno, Sacramento, and Los Angeles media markets. Some ads will also target Latino voters and Asian American voters. The total value of the buy is about six figures according to the Clinton campaign." Meanwhile, a new poll shows Sanders within the margin of error, trailing Clinton 44%-46%.