Printed from http://www.electronista.com

Snowden: NSA used false Facebook servers for malware implantation

updated 02:04 pm EDT, Wed March 12, 2014

NSA shifting from personal hack to 'industrial scale' widespread attacks

Recently-examined Snowden-leaked documents have shown that the NSA is looking at significantly growing its ability to install malware on a large scale, using automated systems and falsified websites. The documents detail efforts to fake a Facebook server, with the targeted population infected upon visitation of the spoof site.

The delivered payload has been used to record video and audio from an infected computer, and covertly deliver it to NSA servers. Additionally, remote attacks are possible -- such as corrupting files, or redirecting the infected computer to other spoofed sites run by intelligence services.

The proposed large-scale system, dating back to 2009, has been named "Turbine" by the NSA and is designed for "industrial-scale exploitation." The documents claim that it allows "the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."

Another Snowden document declares the Turbine program's intent to "increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants." It is believed by Firstlook to have infected between 80,000 and 100,000 devices.

Also part of the NSA's offensive hacking initiative is the targeting of system operators. In an internal document released by Snowden, an operative claims that "sysadmins are a means to an end" with a compromised administrator making it easier to get to other persons of interest on the managed system.

Firstlook spoke with a Facebook spokesman about the allegations of false servers masquerading as the social media powerhouse. Spokesman Jay Nancarrow stated that there was "no evidence of this alleged activity" but noted that any site could be susceptible to the reported NSA tactics. Nancarrow noted that "if government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected."

How the NSA Secretly Masqueraded as Facebook to Hack Computers for Surveillance from First Look Media on Vimeo.




By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Sponsor

toggle

Most Commented

 
toggle

Popular News