PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Report: U.K. Used Fake LinkedIn, Slashdot Pages to Spy on Telecom Firm

Chloe Albanesius
 & Chloe Albanesius Executive Editor, News

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

Teams from GCHQ, the U.K.'s version of the National Security Agency, used fake, malware-laden LinkedIn and Slashdot pages to gain access to the PCs of those who work for Belgian telecom firm Belgacom, according to a new report.

Germany's Der Spiegel, citing data provided by former NSA contractor Edward Snowden, reported today that the UK Government Communications Headquarters (GCHQ) researched those who worked in network maintenance and security at Belgacom and figured out which employees used LinkedIn and Slashdot.

GCHQ then served up fake LinkedIn and Slashdot pages. They looked like normal Web pages, but they were actually malware-laden clones, which infected workers' PCs and gave GCHQ far-reaching access into their files, Der Spiegel said.

That access was acquired via a technique known as "Quantum Insert," which let GCHQ spy on Belgacom and its subsidiary BICS, which runs a GRX router system. "This type of router is required when users make calls or go online with their mobile phones while abroad," the paper said.

An October story from The Guardian, which has published the bulk of the Snowden-related material, said that tricking users into visiting dummy sites requires "secret partnerships" with telecom firms.

For one U.S. program known as Turmoil, "the NSA places secret servers, codenamed Quantum, at key places on the Internet backbone," The Guardian said. "This placement ensures that they can react faster than other websites can, [and] impersonate a visited website to the target before the legitimate website can respond."

In an emailed statement, GCHQ said "it is longstanding practice that we do not comment on intelligence matters."

Earlier this year, Belgacom acknowledged a "digital intrusion" in the form of "an unknown virus in a number of units in our internal IT-system." Belgacom did not name who was responsible for the attack, saying only that "it is up to the Federal Prosecutor's investigation to bring clarity on this."

A Belgacom spokeswoman declined to comment on the Der Spiegel story since "the investigation by the Federal Prosecutor regarding the digital intrusion is still on-going."

LinkedIn did not immediately respond to a request for comment, but in a statement to Der Spiegel, it said it would not authorize such an intrusion and "was not notified of the alleged activity."

Slashdot's parent company, Dice Holdings, said in a statement that it was "alerted to these reported government agency actions by a submission on Slashdot made by the community Sunday evening linking to news stories."

"To be clear, we have not been asked to cooperate with any government agency related to this matter and have not provided access to Slashdot systems or user information," Slashdot continued. "We know of no unauthorized Slashdot code manipulation, or attempts to effect any. We do not approve of this reported activity and if true, it's unfortunate that we are yet another in a long line of internet businesses to suffer this type of intrusion."

In a separate story, meanwhile, Der Spiegel also reported that the NSA and GCHQ are spying on the Organization of the Petroleum Exporting Countries (OPEC).

About Our Expert

Chloe Albanesius

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio