GCHQ "created fake LinkedIn, Slashdot webpages" to infect targets with malware

The revelations from NSA whistleblower Edward Snowden continue to tumble out in the pages of the world's media, embarrassing intelligence agencies as their surveillance activities are exposed.

Today it's GCHQ, the British intelligence gathering service, which is once again in the spotlight, after claims were published in Der Spiegel that the agency created bogus LinkedIn and Slashdot webpages, in order to infect computers belonging to targets with malware.

Leaked slide from GCHQ

It has been previously revealed that GCHQ targeted Belgacom, a major Belgian telecoms company, with malware.

Newly-released information leaked by Edward Snowden explains how it was done.

GCHQGCHQ's Network Analysis Centre (NAC) is said to have identified which of Belgacom's network security and maintenance staff used LinkedIn and read Slashdot.

Then, according to Der Spiegel, the spooks placed servers at internet switching points to intercept when targets were making web requests to visit LinkedIn and Slashdot, and serve up convince-looking but malware-laden versions of the pages instead.

LinkedIn is understandably unimpressed that its name is being brought into disrepute by GCHQ's activities, which could have seen the business networking site unfairly accused of spreading malware:

When contacted, LinkedIn stated that the company takes the privacy and security of its members "very seriously" and "does not sanction the creation or use of fake LinkedIn profiles or the exploitation of its platform for the purposes alleged in this report." "To be clear," the company continued, "LinkedIn would not authorize such activity for any purpose." The company stated it "was not notified of the alleged activity."

Does this sound like a serious and sophisticated operation conducted by GCHQ? Well, it is.

And, in case you've forgotten, this was Britain's intelligence service doing this against non-criminal employees of Belgium's leading telecoms company.

The UK and Belgium are partners in the European Union.

Makes you wonder what they're doing against their enemies, doesn't it?

Tags: , , , , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , , , , , ,

No comments yet.

Leave a Reply