With the intention to infect millions of computers with malware, the National Security Agency impersonated popular social networking site Facebook.
According to documents leaked by Edward Snowden, the clandestine initiative enabled the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.
Journalists Glenn Greenwald and Ryan Gallagher reported in The Intercept: “In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.”
The Facebook exploit was called QUANTUMHAND and was first used on a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps.
After that, the NSA planned to spread it to millions of computers around the globe using an automated system known internally as TURBINE.
TURBINE gave members of the NSA’s Tailored Access Operations (TAO) unit the ability to tap into, or destroy, computers on a massive scale, documents show.
See documents here.