As part of its efforts to install malware on “millions” of computers worldwide, the National Security Agency impersonated Facebook to trick targets into downloading malicious code.
“In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive,” reports The Intercept
in its latest expose based on top-secret documents obtained by Edward Snowden.“[The NSA] has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.”
The Facebook trick was called QUANTUMHAND by the NSA, and was initially tested on “about a dozen targets” before being launched on a larger scale in 2010, the documents show.
What began as a way to hit “hart-to-reach” targets – around 100 to 150 of them, as of 2004 – the NSA’s malware-spreading efforts have since proliferated to potentially millions of computers around the globe using an automated system known internally as TURBINE. Using TURBINE, documents reveal, gave members of the NSA’s Tailored Access Operations (TAO) unit the ability to tap into, or destroy, computers on a massive scale.
Here’s how The Intercept’s Ryan Gallagher and Glenn Greenwald describe some of the various tailored malware the NSA deploys into targeted machines:
One implant, codenamed UNITEDRAKE,
can be used with a variety of “plug-ins” that enable the agency to gain
total control of an infected computer.
An implant plug-in named
CAPTIVATEDAUDIENCE, for example, is used to take over a targeted
computer’s microphone and record conversations taking place near the
device. Another, GUMFISH, can covertly take over a computer’s webcam and
snap photographs. FOGGYBOTTOM records logs of Internet browsing
histories and collects login details and passwords used to access
websites and email accounts. GROK is used to log keystrokes. And
SALVAGERABBIT exfiltrates data from removable flash drives that connect
to an infected computer.
The documents also indicate that some of these viruses disable
targets’ ability to use encryption software to mask Internet activity or
send emails privately. This and other malware efforts are part of what
the NSA documents call its “Owning the Net” program.Fox
1 comment:
As increasing infringements on our Email and online privacy rises, we see great demand for a solution. The threats against your personal Internet privacy is increasing everyday as "free" Email providers, hackers, NSA's PRISM program, and the amended US Patriot Act are just a few of a growing list that are compromising our freedoms. As we stand at a crossroads, it may appear hopeless to protect our God given rights to privacy but rest assured, there are real solutions to this serious problem!
www.americansrighttoprivacy.com offers 100% guaranteed online privacy because our servers are located in Switzerland, a safehaven for secure digital communications. As a law abiding citizen, you can be sure your digital data is safe from any agency, business, or anyone at all wanting to retrieve your information. Access to your online data communications by any authority requires an official warrant issued by a federal judge of Switzerland while most countries surrender your data without consent.
Post a Comment