The NSA Is Using Facebook to Hack Into Your Computer

green73

green73

Member
Joined
Dec 3, 2007
Messages
13,670
This just in from the Edward Snowden vault of government secrets: The National Security Agency is breaking into "potentially millions of computers worldwide" and infecting them with malware "implants" as part of an effort that is increasingly relying on automated systems and not human oversight, according to a by First Look Media report published Wednesday.

And the NSA is pretending to be Facebook to get the job done.

"In some cases the NSA has masqueraded as a fake Facebook server, using the social-media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive," First Look reported on Glenn Greenwald's Intercept channel, citing a classified slide presentation from 2009. "In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites."

As part of the "industrial-scale exploitation," the agency is leveraging Facebook's global appeal to trick targets into logging in to a doppelganger version of the site, a technique dubbed "Quantumhand."

The agency is able to trick target computers by transmitting "malicious data packets" that disguise it as the real Facebook, a process illustrated in this top-secret animation:
Click to expand...

cont.
http://www.nationaljournal.com/tech/the-nsa-is-using-facebook-to-hack-into-your-computer-20140312
 
I'm going to start making my own powerpoints and see how long it takes before they get posted here.
 
Snew said:
quick, let me share this real fast
Click to expand...

LoL at the

images


I wonder how many times that story will be deleted from Facebook?
 
Again, when talking about this, talk about the fact that the NSA is making it easy for Iran, Russia and China to get into American computers, in government and at defense contractors.

If you want a strong national defense you have to stop the NSA from eroding it.
 
specsaregood said:
not me they aren't
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.facebook.net
127.0.0.1 www.facebook.org
127.0.0.1 connect.facebook.net
127.0.0.1 static.ak.facebook.com
127.0.0.1 s-static.ak.facebook.com
Click to expand...

For those interested, a more complete version, although this may be out of date as well.

127.0.0.1 www.facebook.com www.connect.facebook.com graph.facebook.com connect.facebook.net badge.facebook.com badge.facebook.net

127.0.0.1 facebook.com
127.0.0.1 product.canonical.com
127.0.0.1 static.ak.facebook.com
127.0.0.1 api.facebook.com
127.0.0.1 api.ak.facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 register.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 pt-br.facebook.com
127.0.0.1 fr-fr.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 it-it.facebook.com
127.0.0.1 ar-ar.facebook.com
127.0.0.1 hi-in.facebook.com
127.0.0.1 zh-cn.facebook.com
127.0.0.1 developer.facebook.com
127.0.0.1 developers.facebook.com
127.0.0.1 apps.facebook.com
127.0.0.1 www-college.facebook.com
127.0.0.1 platform.ak.facebook.com
127.0.0.1 creative.ak.facebook.com
127.0.0.1 new.facebook.com
127.0.0.1 tr-tr.facebook.com
127.0.0.1 es-es.facebook.com
127.0.0.1 el-gr.facebook.com
127.0.0.1 sv-se.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 zh-hk.facebook.com
127.0.0.1 zh-tw.facebook.com
127.0.0.1 fi-fi.facebook.com
127.0.0.1 hs.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ru-ru.facebook.com
127.0.0.1 hr-hr.facebook.com
127.0.0.1 m.facebook.com
127.0.0.1 nl-nl.facebook.com
127.0.0.1 nb-no.facebook.com
127.0.0.1 ja-jp.facebook.com
127.0.0.1 ko-kr.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 sl-si.facebook.com
127.0.0.1 connect.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 pl-pl.facebook.com
127.0.0.1 secure.facebook.com
127.0.0.1 iphone.facebook.com
127.0.0.1 blog.facebook.com
127.0.0.1 0.channel24.facebook.com
127.0.0.1 s-static.ak.facebook.com
127.0.0.1 creativeupload.facebook.com
127.0.0.1 creativeupload-sf2p.facebook.com
127.0.0.1 upload.facebook.com
127.0.0.1 static.fbshare.me
127.0.0.1 sphotos.xx.fbcdn.net
127.0.0.1 sphotos-a.xx.fbcdn.net
127.0.0.1 sphotos-b.xx.fbcdn.net
127.0.0.1 sphotos-c.xx.fbcdn.net
127.0.0.1 sphotos-d.xx.fbcdn.net
127.0.0.1 sphotos-e.xx.fbcdn.net
127.0.0.1 xx-fbcdn-01-01-sjc1.facebook.com
127.0.0.1 xx-fbcdn-01-02-sjc1.facebook.com
127.0.0.1 xx-fbcdn-01-03-sjc1.facebook.com
127.0.0.1 xx-fbcdn-01-04-sjc1.facebook.com
127.0.0.1 xx-fbcdn-01-05-sjc1.facebook.com
127.0.0.1 www-slb-11-02-snc5.facebook.com
Click to expand...

Facebook doesnt just use that name plus dot com or net at the end. They use what is called a CDN or Content Delivery Network. Those domains need to also be blocked.
 
tobismom said:
They must need a nap. I'm not all that interesting.
Click to expand...

Its not about you being interesting, its about control when you do something that becomes interesting, like become Libertarian.

Other side of the coin is they understand how to best present information to you in a manner that causes you to have the reaction they desire you to have.
 
Dianne said:
Are your links safe ones? I just need to log on to facebook one time, to delete my account.
Click to expand...

On the one hand, the best link to use is:
https://www.facebook.com
That one is unlikely to be compromised by any ordinary hackers, and you can check the site's certificate to make sure it's really Facebook (or the NSA...see below).

On the other hand, depending on how sophisticated the NSA's phishing scheme is, it's possible that no link is safe from the kind of attacks discussed in this thread: A compromised DNS server for instance could redirect the correct URL to the incorrect IP address. Also, I'm not fully aware of the extent to which the NSA has compromised SSL/TLS, but I wouldn't be surprised if they could forge a certificate that makes it seem like a compromised site is the real Facebook. After attempting every exploit they can on your browser, they may then allow you to give them your username and password, log into the real Facebook FOR you, then forward the connection.

Not only do I not fully understand the implications of everything that has already been released, but there's more yet to come, and there's probably more that even Snowden never learned about. :-/
 
Last edited:
Dianne said:
Are your links safe ones? I just need to log on to facebook one time, to delete my account.
Click to expand...

Tech Explanation

127.0.0.1 means local host, or the source is the same as the destination. Each of the entries there makes sure that your computer does not talk to facebook because it cant. Your computer thinks it is facebook.
 
  • Like
Reactions: Tod
Just think, if the NSA wasn't spying on us, those resources could be used to find out what is going on in the world. Say missing airliners, or who is about to invade who, or who might be building bombs somewhere .... stuff like that.
 
You must log in or register to reply here.

Similar threads

PAF
Would you let Bill Gates hack your DNA?
Replies
5
Views
952
Pauls' Revere
Pauls' Revere
Swordsmyth
NSA is urging Apple and Android users to change two specific settings on their phones to prevent possible cyberattacks
Replies
0
Views
79
Swordsmyth
Swordsmyth
PAF
The Biggest Mistake America Has Ever Made
Replies
2
Views
484
WarriorLiberty
W
TheCount
Instead of obtaining a warrant, the NSA would like to keep buying your data
Replies
0
Views
212
TheCount
TheCount
PAF
“Sustainably” Surveilling and Tokenizing Nature
Replies
1
Views
2K
PAF
PAF
Back
Top