NSA QUANTUMHAND - NSA disguises itself as a fake Facebook server

The Intercept has published the latest set of NSA documents leaked by Edward Snowden. The story is time is How the NSA Plans to Infect “Millions” of Computers with Malware. To the Facebook users out there who don't really care about this stuff, take a look at this short video:

How the NSA Secretly Masqueraded as Facebook to Hack Computers for Surveillance from First Look Media on Vimeo.

It's a man on the side attack. As Glenn Greenwald and Ryan Gallagher say in the article:

"In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.

The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.

According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA’s automated TURBINE system.

“As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that’s terrifying,” Blaze says.

“Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?”"

When asked to comment Facebook said had "no evidence" of QUANTUMHAND activity.