Author Topic: NSA Used Facebook As a Trojan Horse to Infect Targets with Malware  (Read 415 times)

0 Members and 1 Guest are viewing this topic.

Offline mountaineer

  • Member
  • Hero Member
  • ****
  • Posts: 32,974
Natasha Tiku writes at Valley Wag:
Quote
Glenn Greenwald's Snowden files are like a the bottomless mimosas of cyber-security scares. The latest dispatch from The Intercept describes how the National Security Agency exploited Silicon Valley by disguising itself as a fake Facebook server in order to infect targeted computers with malware.

Through these "implants," the NSA was able to "siphon out data from foreign Internet and phone networks."

In a way, the government agency sounds like any other startup. They developed this "groundbreaking surveillance technology" to optimize hacking into computers undetected. They also built an automated system codenamed TURBINE to truly scale spying by reducing "the level of human oversight in the process." Automating the implant process, you see, enables the NSA to potentially infect millions of computers worldwide!

Wearing a friendly Facebook mask also helped:
Quote
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.


According to one top-secret document from 2012, the agency used to use spam emails to get targets to click on "malicious links" that activated a "back-door implant." But Internet users are not as gullible as they once were, so the NSA had to hit them where they hang out online:
Quote
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target's computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
  ...


Click on link for full story and more internal links
The skeptic is never for real. There he stands, cocktail in hand, left arm draped languorously on one end of the mantelpiece, telling you that he can't be sure of anything, not even of his own existence. I'll give you my secret method of demolishing universal skepticism in four words. Whisper to him: "Your fly is open." If he thinks knowledge is so all-fired impossible, why does he always look? — James Sire (from, The Universe Next Door)

Offline Oceander

  • Technical
  • Hero Member
  • ****
  • Posts: 42,703
  • #NeverTrumpForever
Re: NSA Used Facebook As a Trojan Horse to Infect Targets with Malware
« Reply #1 on: March 13, 2014, 10:04:23 AM »
More from the story:

Quote
Spokesperson Jay Nancarrow told The Intercept that Facebook had "no evidence of this alleged activity." Facebook is less vulnerable to malware attacks now that it offers users HTTPS encryption for users, but that was only implemented last year.

That's nice, but it doesn't do anything to prevent attacks using a fake server and in any event we already have information courtesy of Snowden that the NSA systematically attacked and weakened the encryption systems used by the internet to make it easier for them to decrypt transmissions.

Offline mountaineer

  • Member
  • Hero Member
  • ****
  • Posts: 32,974
Re: NSA Used Facebook As a Trojan Horse to Infect Targets with Malware
« Reply #2 on: March 13, 2014, 10:26:00 AM »
Los Angeles Times story:
Quote
NSA posed as Facebook to infect computers with malware
By Salvador Rodriguez
March 12, 2014, 11:34 a.m.

 

The National Security Agency has reportedly used automated systems to infect user computers with malware since 2010, according to a Wednesday report. And at times the agency pretended to be Facebook to install its malware.

The NSA has been using a program codenamed TURBINE to contaminate computers and networks with malware "implants" capable of spying on users, according to The Intercept, which cited documents provided by whistleblower Edward Snowden.

Between 85,000 and 100,000 of these implants have been deployed worldwide thus far, the report said.

To infect computers with malware, the NSA has relied on various tactics, including posing as Facebook.

The federal agency performed what is known as a "man-on-the-side" attack in which it tricked users computers into thinking that they were accessing real Facebook servers. Once the user had been fooled, the NSA hacked into the user's computer and extracted data from their hard drive.

Facebook said it had no knowledge of the NSA"s TURBINE program, according to the National Journal. However, the social network said it is no longer possible for the NSA or hackers to attack users that way, but Facebook warned that other websites and social networks may still be vulnerable to those types of attacks. ...


Read the rest of the story
The skeptic is never for real. There he stands, cocktail in hand, left arm draped languorously on one end of the mantelpiece, telling you that he can't be sure of anything, not even of his own existence. I'll give you my secret method of demolishing universal skepticism in four words. Whisper to him: "Your fly is open." If he thinks knowledge is so all-fired impossible, why does he always look? — James Sire (from, The Universe Next Door)


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf