NSA reportedly posed as Facebook to infect computers with malware
The National Security Agency has reportedly used automated systems to infect user computers with malware since 2010, according to a Wednesday report. And at times the agency pretended to be Facebook to install its malware, according to the report.
The NSA has been using a program code-named Turbine to contaminate computers and networks with malware “implants” capable of spying on users, according to news website The Intercept, which cited documents provided by whistleblower Edward Snowden.
Between 85,000 and 100,000 of these implants have been deployed worldwide thus far, the report said.
To infect computers with malware, the NSA has relied on various tactics, including posing as Facebook.
The federal agency performed what is known as a “man on the side” attack in which it tricked users’ computers into thinking that they were accessing real Facebook servers. Once the user had been fooled, the NSA hacked into the user’s computer and extracted data from the hard drive.
Facebook said it had no knowledge of the NSA’s Turbine program, according to the National Journal. The social network said it is no longer possible for the NSA or hackers to attack users that way, but Facebook warned that other websites and social networks may still be vulnerable to those types of attacks.
“This method of network-level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year,” Facebook told the National Journal. “If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected.”
Other ways the NSA infects malware onto computers include sending out spam emails.