It used a programme command-and-control infrastructure dubbed TURBINE to inject malware ‘implants’ on computers and networks.
The US National Security Agency (NSA) has reportedly pretended to be Facebook to infect users PCs on a mass scale with malware and spy on them via automated systems since 2010.
It used a programme command-and-control infrastructure dubbed TURBINE to inject malware ‘implants’ on computers and networks to keep an eye on user activities including capturing email, browsing history and other information.
About 85,000 to 100,000 of implants have already been deployed thus far globally, latest Snowden documents reveal.
TURBINE is designed to enable the existing implant network to boost its size and manage millions of computer systems hit with malware at a time.
The secret system reportedly operates from NSA headerquarters with spying bases located in UK and Japan. UK intelligence agency GCHQ said to have played a key role in helping chalk out the implants tactic, the Intercept reported.
In some cases NSA disguised as a fake Facebook server, becoming a launch pad for spreading the implants to steal files from hard drives.
Facebook said in a statement to the National Journal: "This method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year."
"If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected," the social networking major added.
However, Facebook denied of having any knowledge of the NSA’s TURBINE programme by saying the NSA or hackers can no longer attack users in that way, while warned other websites and social networks may still be open to such attacks.