After failing to infect targets with malware in spam emails, the U.S. National Security Agency has reportedly turned to Facebook.
According to a report by The Intercept, the NSA “disguises itself as a fake Facebook server” to perform “man-in-the-middle” and “man-on-the-side” attacks and spread malware. The Intercept is the first in a series of publications created by Pierre Omidyar’s First Look Media.
Journalists Ryan Gallagher and Glenn Greenwald claim that Facebook users are tricked into visiting “what looks like an ordinary Facebook page.” From there, they claim, “the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.”
A Facebook spokesperson provided VentureBeat with the following statement:
“We have no evidence of this alleged activity. In any case, this method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year. If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected.”
A purportedly official animation, uploaded on Vimeo, reveals how the NSA conducts the Facebook hack:
NSA’s Facebook targeting is reportedly a response to the declining success of other malware injection techniques. Previous techniques include the use of “spam emails that trick targets into clicking a malicious link.”
It’s noteworthy that the NSA has also allegedly posed as Google to gain access to user data.
This news follows NSA leaker Edward Snowden’s appearance at SXSW. During his talk, Snowden stated that the U.S. “needs a watchdog that watches Congress.” When asked if he was satisfied with the current NSA debate, Snowden made clear that he would serve again as a whistleblower if he had a second chance.
Update 9:52 PT: Facebook’s response has been added to the story.