Facebook, is that you? NSA reportedly posed as the social network
13th Mar 2014 | 22:56
The US National Security Agency calls accusations 'simply false'
Update: The National Security Agency denied that it impersonated any US company website, which would include Facebook, in order to collect data and spy on targets.
Calling such allegations "inaccurate," the intel organization said in a statement March 13 that its technical capabilities are only used for "lawful and appropriate foreign intelligence operations."
The memorandum doesn't specifically mention Facebook or the Edward Snowden-leaked document. It more generally called it a "Statement in Response to Press Allegations."
Simply logging into Facebook, or what you thought was Facebook, could have been enough to open your computer up to the National Security Agency's eavesdropping schemes.
The US intelligence organization reportedly masqueraded as a fake Facebook server to infect computers and extract files from a target's hard drive.
The NSA sent malicious data packets to these targets to trick their computers into thinking it was the real Facebook, according to The Intercept citing top secret government documents.
These malware "implants" are said to have been deployed on anywhere between 85,000 and 100,000 computers and networks, with the intention of infecting millions around the world.
While the NSA spearheaded the operating, British counterpart GCHQ reportedly played an integral role in developing these tactics. The idea was reportedly shared with the UK, Canada, New Zealand and Australia.
Facebook's HTTPS response
Facebook denied knowledge of this NSA "man in the middle" spy program and told The Intercept that this sort of malware attack method is no longer viable.
That's because the social network implemented HTTPS encryption for all users last year after first making it available in 2011.
But when one back door closes, the government looks for another opening. Before Facebook, the same NSA documents reveal that the agency used spam emails that tricked targets with similar results.
Clicking on malicious links infected their computers within eight seconds. The only problem was that these unsolicited email methods became less successful. Hence the move to Facebook.
It's clear the NSA sees these programs as invaluable tools that can siphon hard drive data and, in some cases, even record audio from a computer's microphone or take photos via a webcam.
The agency is likely to continue to hack computers and corrupt targeted computers through the next vulnerability it finds.
- What's next to infect? Google Glass?