NSA Masquerades as Facebook to Infect Millions of Computers with Malware

The National Security Agency (NSA) is using a fake Facebook server to spread automated malware and expand its ability to hack into computers and networks around the world, according to a new report.

Classified files obtained from former NSA contract worker Edward Snowden have revealed the methods used by the agency and its counterparts, which include Britain's Government Communications Headquarters (GCHQ), to carry out "industrial-scale exploitation" of computer networks.

Using malware "implants", the agency has allegedly been infecting millions of computers in order to carry out surveillance on foreign communications networks while masked as the social network.

The NSA has also spread malware using spam email with malware embedded in them. Once downloaded by the targets the malware could be used to listen in on conversations using a computer's microphone or take control of webcams to take pictures.

The latest revelations were brought to light by Snowden confidante and former Guardian journalist Glenn Greenwald, together with Scottish journalist Ryan Gallagher.

Malware expert and chief research officer at the security firm F-Secure, Mikko Hypponen, labelled the methods used by the NSA as "disturbing" and claimed that they could inadvertently affect the security of the internet.

"When they deploy malware on systems they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties," Hypponen told The Intercept.

Hypponen claims that using an automated system not fully governed by human oversight, in the manner the documents suggest, would mean the infection process would be out of control.

"That would definitely not be proportionate," Hypponen said. "It couldn't possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance."

The agency has refused to comment on the latest revelations, citing a recent presidential policy put in place by President Obama that allows intelligence agencies to gather signals intelligence "exclusively" for foreign and counterintelligence purposes.