U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

QUANTUMHAND – NSA impersonates Facebook to inject malware

Recent revelations on TURBINE platform include also a disturbing truth, NSA used QUANTUMHAND exploits to implant malware in Facebook users’ machines. Last Week Ryan Gallagher and Glenn Greenwald revealed the existence of TURBINE platform, a sophisticated hacking architecture used to take control of botnet C&C servers managed by cybercrime. One of the details revealed by the journalists raised a heated […]

QUANTUMHAND – NSA impersonates Facebook to inject malware

Recent revelations on TURBINE platform include also a disturbing truth, NSA used QUANTUMHAND exploits to implant malware in Facebook users’ machines.

Last Week Ryan Gallagher and Glenn Greenwald revealed the existence of TURBINE platform, a sophisticated hacking architecture used to take control of botnet C&C servers managed by cybercrime.

One of the details revealed by the journalists raised a heated debate, the NSA secretly pretended to be a fake Facebook server to covertly serve for surveillance purpose.

The journalists reported that the NSA in different cases “masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive.” The documents leaked refer the QUANTUMHAND program as a collection of exploits explicitly designed to hit uses Facebook.

Facebook Quantumhand

According to the document leaked by Snowden, QUANTUM exploit suite includes numerous hacking tools, the slides refer DNS injection and HTTP injection capabilities. The collection of exploits also includes gadgets like a plug-in to inject into MySQL connections and compromise the Database.

NSA has the capability to conduct MITM attacks, a document dated April 2011 explains how the NSA impersonates Facebook servers to deploy its surveillance “implants” on target’s computers.

Facevook quantumhand server

 

fb QUANTUMHAND

The news disturbed the high-management of the Facebook firm, Facebook founder Mark Zuckerberg is infuriated and expressed it disappointment in a phone call to President Barack Obama:

“I’ve been so confused and frustrated by the repeated reports of the behavior of the US government,”“When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government.”  Zuckerberg wrote in a blog post last week. 

Facebook Zuckerberg on NSA

The surveillance technology designed by NSA and the methods of injection adopted pose a serious risk to the entire Internet, every single Netizen could be subject of spying activities, any technology it uses.

The NSA refused the claims and released a public statement attacking the “inaccurate” media reports, the Agency denied that it was “impersonating U.S. social media or other websites” and it remarked that it had not “infected millions of computers around the world with malware.”

The NSA denies to have indiscriminately infected machine all around the world, but never provided explanations on the QUANTUMHAND exploits used to target Facebook users.

But the NSA has already released similar statements every time Snowden has leaked a new collection of documents, it seems that the imperative is to deny in an attempt to stem the hamorrhage of secret records that failed to preserve.

The public image of the NSA is seriously compromised, to regain the citizen’s trust it has to admit the covert operation, probably this is a suicide for the agency because it has to make public its aggressive policy, revealing targets and techniques adopted to hit them.

Pierluigi Paganini

(Security Affairs – Facebook, QUANTUMHAND )