Have you got a Fed in your friends list? There are thousands of undercover FBI agents creeping on Facebook.
Have you accepted friend requests from anyone you don’t know? They might not be someone you met at a party once but an FBI agent posing as someone else, creeping on you and your friends and harvesting your data.
The National Security Agency and the FBI first teamed up way back in October 2010 to develop techniques for turning Facebook into a surveillance tool. This month Julian Assange warned that Facebook is an “appalling spy machine” and revealed that the site has “an interface that they have developed for U.S. intelligence to use.”
Documents released alongside security journalist Glenn Greenwald’s book, “No Place To Hide,” revealed the NSA and FBI work together in close partnership. The two agencies developed special techniques for exploiting Facebook chats, capturing private photos, collecting IP addresses, spreading malware, and gathering private profile data.
The document was obtained in a Freedom of Information Act lawsuit and made it clear that undercover FBI agents are logging into Facebook in their droves and exchanging messages with suspects, identifying the friends and family of suspects, and building private collections of personal photographs, videos, and posts.
According to Venture Beat, the slides below reveal the agencies’ goal for such creeping is to capture “a very rich source of information on targets,” including “personal details, ‘pattern of life,’ connections to associates, and media.”
NSA documents make painfully clear how the agencies collected information “by exploiting inherent weaknesses in Facebook’s security model” through its use of the popular Akamai content delivery network. The NSA describes its methods as “assumed authentication,” and “security through obscurity.”
The slide below shows how the NSA and U.K. spy agency GCHQ also worked together to “obtain profile and album images.”
According to a report by The Intercept, the above slides do not reveal the NSA’s Facebook surveillance program in full. The report states that the NSA also “disguises itself as a fake Facebook server” to perform “man-in-the-middle” and “man-on-the-side” attacks and spread malware [below].
As we wrote at the time, the “NSA’s Facebook targeting is reportedly a response to the declining success of other malware injection techniques. Previous techniques included the use of “spam emails that trick targets into clicking a malicious link.”
Following the report, released in March, Zuckerberg said, “When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government.”
Zuckerberg claimed he disapproved of the NSA’s actions and said that he’s spoken to president Barack Obama by phone to “express [his] frustration over the damage the government is creating for all of our future.”
Think you know who’s behind that friend request? Think again. Your new friend just might be the FBI.