NSA: Riding on Facebook's horse tail.
The U.S. National Security Agency (NSA) is once again close to denying reports that it is indiscriminately monitoring every computer on planet Earth. This time, the freshest, newest, most recent report of NSA mass-surreptitiousness (courtesy Edward Snowden -- ta) alleges the sneaky agency infects computers with malware via a fake Facebook (NASDAQ:FB) login page.
In IT Blogwatch, bloggers play keep-away with the man-in-the-middle.
Filling in for our humble blogwatcher Richi Jennings, is a humbler Stephen Glasskeys.
The [NSA] has reportedly been working for the past several years...to infect computers with surveillance malware and creating a command-and-control infrastructure capable of managing millions of compromised systems at a time. MORE
U.S. lawmakers had a chance to pose questions to the director of the [NSA] on Wednesday but declined to ask him about...agency plans to install malware on millions of computers. MORE
[Classified files provided by] NSA whistleblower Edward Snowden contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware "implants."
The automated system -- codenamed TURBINE -- is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually." MORE
TURBINE was active from at least July 2010...documents state, and has infected up to 100,000 devices and machines, with more planned.
TURBINE also links into a NSA sensor system dubbed TURMOIL, which taps into computer networks...to monitor data traffic and identify potential targets. MORE
Getting implants onto machines involved an array of deceptions: fake Facebook Web pages, spam emails, [and] man-in-the-middle attacks that would "shoot" bogus data at a target's computer when the NSA detected it was visiting a Web site the NSA could spoof. MORE
The NSA doesn't just hack foreign computers. It also piggybacks on the work of professional for-profit hackers, taking over entire networks of already-hacked machines and using them for their own purposes. MORE
[Reports of TURBINE suggest] that the NSA's tailored-access platform is becoming a bit more like the un-targeted dragnets everyone has been so upset about...stuff like the mass-collection of phone metadata, [and] tapping of undersea Internet cables. MORE
Simply logging into Facebook, or what you thought was Facebook, could have been enough to open your computer up to the [NSA's] eavesdropping schemes.
Facebook denied knowledge of this NSA "man in the middle" spy program and [said] that this sort of malware attack method is no longer viable. MORE