NSA Masqueraded as Facebook to Spread Malware on User PCs


NSA spying on users is a well-known fact. What you might not know is exactly how the agency covertly snoops on your data.

The Clandestine Operation (a.k.a. TURBINE):

According to a report by The Intercept, the NSA "disguises itself as a fake Facebook server" to perform "man-in-the-middle" and "man-on-the-side" attacks and spread malware. From there, the report claims, "the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive." This was achieved under a program named TURBINE.

TURBINE, which was allegedly part of a bigger intelligence initiative called "Owning the Net," was able to infiltrate 85,000 to 100,000 computers around the world.

According to The Intercept, this particular phase of the operation began way back in 2010.

So What on Earth Is a 'Man-on-the-Side' Attack?

According to The Intercept, to perform a man-on-the-side attack, the NSA observes a target's Internet traffic using its global network of covert "accesses" to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency's surveillance sensors alert the TURBINE system, which then "shoots" data packets at the targeted computer's IP address within a fraction of a second.
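
A defender's view of the race described above, as an added example that is not from The Intercept's report or this article: an on-the-side injector cannot remove the genuine server's reply, so the client receives two segments claiming the same TCP sequence range with different bytes. The `Segment` type, the `find_conflicts` function and the sample traffic are constructed for illustration, and sequence-number wraparound is ignored.

```python
from collections import defaultdict
from typing import NamedTuple

class Segment(NamedTuple):
    flow: tuple      # (src_ip, src_port, dst_ip, dst_port), server -> client
    seq: int         # TCP sequence number of the first payload byte
    payload: bytes
    ttl: int         # IP TTL as seen at the client

def find_conflicts(segments):
    """Return one finding per pair of segments in a flow whose overlapping
    sequence range carries different bytes. A benign retransmission carries
    identical bytes and is ignored."""
    seen = defaultdict(list)   # flow -> data segments already observed
    findings = []
    for seg in segments:
        if not seg.payload:
            continue           # pure ACKs carry no data to compare
        for old in seen[seg.flow]:
            start = max(old.seq, seg.seq)
            end = min(old.seq + len(old.payload), seg.seq + len(seg.payload))
            if start >= end:
                continue       # no overlap in sequence space
            a = old.payload[start - old.seq:end - old.seq]
            b = seg.payload[start - seg.seq:end - seg.seq]
            if a != b:
                findings.append({
                    "flow": seg.flow, "seq": start, "overlap": end - start,
                    "first": a[:40], "second": b[:40],
                    # A different TTL hints that the copies took different paths.
                    "ttl_differs": old.ttl != seg.ttl,
                })
        seen[seg.flow].append(seg)
    return findings

# Constructed sample traffic (documentation addresses, not a real capture).
FLOW = ("192.0.2.10", 80, "198.51.100.7", 51000)
OTHER = ("192.0.2.10", 80, "198.51.100.7", 51001)
SAMPLE = [
    Segment(FLOW, 1000, b"HTTP/1.1 302 Found\r\nLocation: http://redirect.example/\r\n\r\n", 58),
    Segment(FLOW, 1000, b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello", 49),
    Segment(OTHER, 5000, b"HTTP/1.1 200 OK\r\n\r\n", 49),
    Segment(OTHER, 5000, b"HTTP/1.1 200 OK\r\n\r\n", 49),  # plain retransmission
]

if __name__ == "__main__":
    for finding in find_conflicts(SAMPLE):
        print(finding)
```

Only the first flow is reported; the identical retransmission on the second flow is not. Over HTTPS the injected bytes would additionally fail the TLS integrity check, which is the point of Facebook's response below.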

And What Is a 'Man-in-the-Middle' Attack?

A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.

This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers, reports The Intercept.

Facebook's Response to the Allegation:

Facebook spokesperson Jay Nancarrow told Mashable: "We have no evidence of this alleged activity. In any case, this method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by last year. If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected."

The report, which describes several other global surveillance projects linked to TURBINE, goes on to claim that the NSA shared some details about the initiative with Canada, the UK, Australia and New Zealand.

Edward Snowden's Response from SXSW Discussion:

This shocking news follows Edward Snowden's appearance at SXSW. In his talk, Snowden stated that the U.S. "needs a watchdog that watches Congress." He also said he would serve again as a whistle-blower if he had a second chance.

What do you think about this covert operation? Please feel free to leave a comment.
