Facebook was impersonated by the National Security Agency in an attempt to trick "millions" of users into downloading malicious code through computer malware, according to the latest collection of national security details leaked by former NSA contractor Edward Snowden.
Aiming to target specific machines, the intelligence agency reportedly deployed malware code. The code then gave the NSA total control of the computer once it was able to get inside, UK MailOnline reported.
The Facebook con was dubbed as QUANTUMHAND by the NSA.
Glenn Greenwald at The Intercept was first to report the program, according to UK MailOnline.
"In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive," Greenwald said, based on classified documents given to him by Snowden.
"[The NSA] has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam," Greenwald said. "The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites."
Tested on "about a dozen targets" initially, the program became more widely used in 2010, according to the report.
"The program was started as a way to hit about 100 to 150 "hard-to-reach" targets," UK MailOnline reported. "However, the malware has since spread to potentially millions of computers across the world, UK MailOnline reported."
UK MailOnline added, "The malware was potentially able to infect so many computers by using an automated system the NSA calls TURBINE."
"One implant, codenamed UNITEDRAKE, can be used with a variety of 'plug-ins' that enable the agency to gain total control of an infected computer," Greenwald said. "An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer's microphone and record conversations taking place near the device."
Greenwald added, "Another, GUMFISH, can covertly take over a computer's webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer."
