The NSA reportedly poses as Facebook to spread malware
After failing to infect targets with malware in spam emails, the U.S. National Security Agency has reportedly turned to Facebook.
According to a report by The Intercept, the NSA “disguises itself as a fake Facebook server” to perform “man-in-the-middle” and “man-on-the-side” attacks and spread malware. The Intercept is the first in a series of publications created by Pierre Omidyar‘s First Look Media.
Journalists Ryan Gallagher and Glenn Greenwald claim that Facebook users are tricked into visiting “what looks like an ordinary Facebook page.” From there, they claim, “the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.”
Facebook did not immediately respond to VentureBeat’s request for comment on the news. The Intercept offers the following details from Facebook:
Facebook spokesman Jay Nancarrow said the company had “no evidence of this alleged activity.” He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.
A purportedly official animation, uploaded on Vimeo, reveals how the NSA conducts the Facebook hack:
http://venturebeat.com/2014/03/12/the-nsa-reportedly-poses-as-facebook-to-spread-malware/
NSA surveillance initiative named “Owning the Net.”
Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.
The intelligence community’s top-secret “Black Budget” for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named “Owning the Net.”
The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass “a wider variety” of networks and “enabling greater automation of computer network exploitation.”
Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called “man-in-the-middle” and “man-on-the-side” attacks, which covertly force a user’s internet browser to route to NSA computer servers that try to infect them with an implant.
To perform a man-on-the-side attack, the NSA observes a target’s Internet traffic using its global network of covert “accesses” to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency’s surveillance sensors alert the TURBINE system, which then “shoots” data packets at the targeted computer’s IP address within a fraction of a second.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.
https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/
Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations “disturbing.” The NSA’s surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.
“When they deploy malware on systems,” Hypponen says, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”
http://www.f-secure.com/en/web/home_us/home?s_tnt=48484:1:0
= new reply since forum marked as read
so I am going to ignore this story... 
