Sources: Yahoo modified spam filter to spy on users' emails

Yahoo spied on all incoming Yahoo Mail emails, according to a recent report, doing so under a secret court order on behalf of U.S intelligence agencies. The company made a statement in regards to the matter, saying the sources were 'misleading' and that the alleged software doesn't exist on its system. Now a new batch of sources have cropped up with more info, claiming Yahoo performed its spying deeds by tweaking its spam filter, using it to not only look for spam and other unsavory things, but to also keep an eye out for emails coming from a particular terrorist organization.

The latest information comes from sources speaking with the New York Times, which reports that it talked with several people, two of whom are government officials. According to these sources, Yahoo was hit with a Foreign Intelligence Surveillance Court order in 2015, something it wasn't allowed to disclose publicly. The Department of Justice was behind getting the court order, which required Yahoo to look for emails that contained a so-called 'computer signature' associated with some state-sponsored terrorist group.

While the original report said Yahoo built itself custom software to scan the emails, this latest group claims Yahoo used its existing — and subsequently modified — spam filter technology to scan the incoming messages. Via these alleged modifications, the sources say Yahoo stored emails that tripped the flag, enabling the FBI to get a copy of them for review.

The sources say the email scanning is no longer happening.

It isn't clear what terrorist group this digital signature belonged to. However, the sources say a judge was convinced of the probable cause for this mission, and he or she approved the court order personally. This supposedly came after a US intelligence agency discovered that this terrorist group was using Yahoo Mail and that their messages in some way involved a "highly unique" signature.

The system-wide spying was due to investigators not knowing what email address[es] was/were being used. The sources say the scanning was only for the messages containing this identifier and nothing else.