Snapchat users eavesdropped on by a man-in-the-middle attack by Facebook

Facebook has probably deliberately bypassed Snapchat encryption. In connection with a class action lawsuit against the Facebook group Meta, documents have now been made public that once again provide explosive material in the Facebook scandal surrounding data protection and data sovereignty. Facebook’s action against Snapchat was probably far more aggressive than ever thought…

As a result, Mark Zuckerberg is probably directly involved in a “Ghostbuster” project to spy on Facebook competitors and is therefore much more guilty than previously known.

According to the report, real “man-in-the-middle” attacks were carried out against Snapchat.

The shocking facts that emerged from a class action lawsuit against the social media giant:

1️⃣ Caught & Exposed: Facebook’s Invisible War on Snapchat – A behind-the-scenes look at a privacy scandal that is shaking up our tech world.

2️⃣ Directly involved: Mark Zuckerberg is apparently personally deeply involved in espionage activities against competitors.

3️⃣ Secret Cyber Attacks: Facebook carried out eavesdropping attacks as “man-in-the-middle” attacks against Snapchat to decrypt encrypted data traffic.

4️⃣ VPN Onavo: Misused as a data espionage tool to gain insight into Snapchat, YouTube and Amazon usage.

5️⃣ Project Ghostbusters: An internal project at Facebook aimed at spying on competitors’ activities.

6️⃣ Root certificates: Why the misuse of this important security component in the communication of millions of users is the focus here.

7️⃣ Legal consequences: The investigation is part of an extensive class action lawsuit against Facebook.

The document is part of a class action lawsuit against Meta Platforms Inc. – formerly known as Facebook.

A man-in-the-middle attack is a form of cyberattack in which the attacker intercepts communication between two parties without them knowing about it.

The attacker can view, manipulate and even block the information before it is forwarded to the recipient. Such cyberattacks can be used for eavesdropping, data theft, targeted manipulation, malware infiltration or the redirection of network traffic.

Such attacks undoubtedly pose a serious threat to the security of online transactions and trustworthy communication, as they undermine confidence in the integrity of communications.

At least that is what publicly accessible court documents now suggest, which were compiled as part of a class action lawsuit against the Facebook group Meta.

It cites emails according to which Zuckerberg instructed employees to obtain reliable usage data despite the encryption of Snapchat traffic. As a result, work was carried out to decrypt SSL-encrypted data from Snapchat using the in-house VPN app Onavo.

The question of whether this program should be stopped was also later decided together with Zuckerberg.

These documents now shed a completely new light on a scandal that became public years ago. A large number of lawyers – a whole dozen, we read – relate the accusations made to Facebook’s aggressive action against its then up-and-coming competitor Snapchat.

Internal Facebook project: Project Ghostbusters

According to the documents, a so-called “Project Ghostbusters” was set up at Facebook – now Meta – to find out what kind of espionage was technically possible. The name “Ghost Hunter” seems to refer to the Snapchat logo, a white ghost on a yellow background.

In an email dated June 9, 2016, Zuckerberg stated that it was important to obtain reliable analytics data on Snapchat. Perhaps special software needs to be written, he suggests, adding: “You need to find out how to do that.”

Just a few days later, a team from the subsidiary Onavo suggested intercepting internet traffic on users’ smartphones using the VPN app of the same name in order to bypass the encryption.

Because a VPN service alone is not enough, a root certificate was also installed.

Root certificate attack vector

A root certificate is a digital certificate that is issued by a trustworthy certification authority – the so-called Certificate Authority (CA). It is located at the top of the digital certificate chain and has the task of validating the identity and public key of the certificate holder. Root certificates are self-signed, which means that they are signed by the issuing certification authority itself and not by a higher-level entity.

A potential objection could therefore be that such certificates in this form do not really say much more than: “Trust me, I am encrypted and belong to organization X”.

Nevertheless, the importance of root certificates in the context of Internet security and digital communication is considerable:

  1. Trust and security: Root certificates form the basis of the trust model for digital certificates. If an end user or a system trusts a root certificate, it also trusts all certificates that are issued by this root certificate or indirectly confirmed via a chain of intermediate certificates.
  2. Encryption and authentication: They enable encrypted connections between web browsers and servers via HTTPS. When you visit a secure website, your browser checks the website’s certificate to ensure that it has been signed by a trusted certificate authority and that the identity of the website is authentic. This protects against man-in-the-middle attacks, in which attackers could attempt to intercept or manipulate traffic.
  3. Root certificate store: Operating systems and web browsers contain a store of pre-installed root certificates from certificate authorities that they trust. If a certificate is issued by a root certificate in this store, the connection or digital signature is considered secure.
  4. Risks and management: Since root certificates are at the top of the trust chain, misuse or compromise of a root certificate poses serious security risks. A malicious or compromised certificate authority could issue certificates for fraudulent purposes. Careful management and security of root certificates is therefore crucial.

In the context of “man-in-the-middle” attacks, an attacker presents a forged certificate that appears to have been signed by a trustworthy certification authority. However, a correctly installed and trustworthy root certificate helps the end user to verify the authenticity of the connection and recognize such attacks.
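The trust model described above can be made concrete with a small simulation. This is an added example, not code from the article or the court documents: it uses toy textbook RSA with tiny primes in place of real X.509, and every name, host and key in it is hypothetical. It shows that a certificate from an unknown issuer fails validation until that issuer's root sits in the trust store, and that a trust-store audit against a vendor baseline and a key pin both flag the change.

```python
import hashlib
from dataclasses import dataclass

def make_key(p, q, e=65537):
    """Textbook RSA from two small primes: a toy for illustration, not secure."""
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    pub: tuple   # (n, e) of the subject's key
    sig: int     # issuer's signature over subject|issuer|pub

def _tbs(subject, issuer, pub):
    return f"{subject}|{issuer}|{pub}".encode()

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(subject, pub, issuer, key):
    n = key["n"]
    return Cert(subject, issuer, pub, pow(_digest(_tbs(subject, issuer, pub), n), key["d"], n))

def fingerprint(cert):
    return hashlib.sha256(_tbs(cert.subject, cert.issuer, cert.pub)).hexdigest()

def validates(leaf, host, trust_store):
    """True if the leaf names the host and a root in the store signed it."""
    for root in trust_store:
        n, e = root.pub
        if (leaf.subject == host and leaf.issuer == root.subject
                and pow(leaf.sig, e, n) == _digest(_tbs(leaf.subject, leaf.issuer, leaf.pub), n)):
            return True
    return False

def roots_outside_baseline(trust_store, baseline):
    """Audit: subjects of roots whose fingerprint is not in the vendor baseline."""
    return [r.subject for r in trust_store if fingerprint(r) not in baseline]

def pin_matches(leaf, pinned_pub):
    """Pinning: the app accepts only the service key it shipped with."""
    return leaf.pub == pinned_pub

# Constructed sample data; every name and key below is hypothetical.
HOST = "api.service.example"
ca_key, added_key = make_key(2**31 - 1, 2**61 - 1), make_key(2**19 - 1, 2**31 - 1)
SERVICE_PUB, OTHER_PUB = (0xA11CE, 65537), (0xB0B, 65537)
public_root = issue("Example Public Root CA", (ca_key["n"], 65537), "Example Public Root CA", ca_key)
added_root = issue("Example Added Root", (added_key["n"], 65537), "Example Added Root", added_key)
genuine = issue(HOST, SERVICE_PUB, "Example Public Root CA", ca_key)
substituted = issue(HOST, OTHER_PUB, "Example Added Root", added_key)
BASELINE = {fingerprint(public_root)}
```

Comparing the installed roots against the platform's shipped list, as `roots_outside_baseline` does here, is the check that surfaces an additional root on a device.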

Exposed: Major attack violates the privacy of millions of users – The secret surveillance of Snapchat, YouTube and Amazon

This is the “man-in-the-middle” approach, summarized one manager. According to the plaintiffs’ team, documents and witness statements prove that this procedure was actually used on a large scale.

It mentions a period between June 2016 and the beginning of 2019. Later, encrypted traffic from YouTube and Amazon was also analyzed. Facebook used the data collected in this way to understand how Snapchat is used and to revise its own products based on this. Dozens of lawyers had been involved with Facebook and had assured them that the procedure was legal.

The question arises as to whether this is a violation of hacking laws. It has been known for years that Facebook has used Onavo to gain important insights into competitors’ apps and react to them. Onavo offered the Onavo Protect app, which routed the mobile device’s traffic through a VPN and analyzed it for security risks. It was prominently advertised with this promise.

At the beginning of 2019, Apple took action against the application, whereupon Facebook withdrew the app and closed the subsidiary responsible for it.

The legal proceedings are now being conducted as part of a class action against Facebook (Ref.: 3:20-cv-08570-JD). These explosive documents have now been brought to light.


What does this mean for the data sovereignty and freedom of information of all Facebook users?

The revelations surrounding the “man-in-the-middle” attacks and the associated practices raise serious questions about data sovereignty and freedom of information, and not just for Facebook users. On the one hand, this could serve as proof that users’ trust in Facebook’s handling of their private data has been profoundly destroyed. The possibility that Facebook actively circumvented encryption to collect usage data from competitors is far more than a mere indication that users’ privacy and control over their own data may have been compromised.

These incidents underline the need for a transparent and responsible data policy that prioritizes users’ rights to privacy and control over their own information. It could be a wake-up call for users to think more critically about what data they share online and how this data could be used by platforms.

In addition, these revelations could lead to increased demands for stricter data protection laws and regulations that ensure the sovereignty of users and their ownership rights to their data and thus also protect the freedom of information. The debate about data protection and data security will definitely intensify, with serious implications for the entire tech industry.

The question is always at what price we are prepared to put our personal data at risk. A game that reveals more about us than we might like.


Transparency of data processing and user rights in the shadow of Facebook’s scandal

In the wake of the revelations surrounding Facebook’s man-in-the-middle attacks on competitors such as Snapchat and the analysis of encrypted data streams from YouTube and Amazon, the transparency of data processing and the protection of our rights as users are increasingly becoming the focus of public debate. We users have a legitimate concern that Facebook and all platforms not only improve their user interface and functions, but also offer us comprehensive data protection guarantees.

These incidents appear to be just the tip of an iceberg, the most worrying part of which is still hidden below the waterline. To put it optimistically, there may already be an emerging trend in which large technology companies advertise trust, transparency and security to the outside world, but if the privacy and data sovereignty of us users is undermined in secret and laws do not protect us effectively, none of this is worth anything.

The revelations surrounding Facebook raise pressing questions:

  • How do companies find a balance between the ease of use of their services, the protection of their users’ privacy and regulatory requirements?
  • How can we be effectively guaranteed that our trust and our rights are protected?
  • How can audits and open code policies effectively contribute to this?

Given the seriousness of the allegations against Facebook, a broad discussion about the role of large corporations in shaping digital identities, the associated user rights and the need for stricter regulation and monitoring of digital platforms is unavoidable. Users and data protectionists are increasingly demanding that technology companies adopt a user-centric approach not only in their service offerings, but also in their handling of user data.

A new start in the digital space: Why we need uniform data protection standards now

In our increasingly digitalized world, these concerns about data security and privacy are not only absolutely justified, but must be taken seriously.

When hyperscalers such as Apple, Amazon or Microsoft set new standards, the tech industry inevitably follows suit. Unless we fundamentally change the rules of the game and think and act in terms of interoperable and data protection-compliant standards that redefine our global, digital ecosystem and thus our role as users and consumers. This means being vigilant and proactively thinking and taking action.

What we need is the development and implementation of a uniform, sustainable concept for digitalization.

Trusted digital identities are ONE elementary building block and a valuable piece of the puzzle that ultimately fits into the big picture…

No more and no less…


Until then, stay safe, creative and above all curious!

Your Sascha Block

About the author:

Sascha Block

I am Sascha Block, an IT architect in Hamburg and the initiator of Rock the Prototype. I want to make prototyping learnable and tangible. Motivated to realize ideas as prototypes and to share knowledge about software prototyping, software architecture and programming, I created the format and the open-source initiative Rock the Prototype.