GCHQ accused of using fake LinkedIn pages to access company data

Surveillance

British intelligence and security organisation GCHQ hacked Belgian telecommunications company Belgacom via spoof employee LinkedIn profiles.

The top secret' project was leaked by NSA whistleblower Edward Snowden in a presentation and revealed the victim would not have known they were being watched because the malware was invisible to them.

Profiles would have displayed as normal despite being fake set-ups, not hosted on LinkedIn - but the malware allowed intelligence officers to access their computers.

The majority of those targeted worked in network maintenance and security for the company.

LinkedIn has denied having anything to do with the hack, saying it takes the privacy of its users very seriously and "does not sanction the creation or use of fake LinkedIn profiles or the exploitation of its platform for the purposes alleged in this report. To be clear, LinkedIn would not authorise such activity for any purpose,' and was not notified of the alleged activity."

When the GCHQ had managed to access the computers of engineers, they were able to access information about the company and its subsidiary BICS, which operates a GRX router system that allows people to make and receive calls or use data abroad.

This enabled the organisation to access data about the locations of targets and who they are communicating with.

Mobile networks expert Philippe Langlois told German website Spiegel: "This way, an intelligence service could read the entire Internet communications of the target and even track their location or implant spying software on their device."

He explained, since there are several hundred wireless companies, but only about two-dozen GRX providers worldwide, it is a much easier way to track the activities of targets.

The presentation revealed by Snowden (and reportedly seen by Spiegel) mentioned other telecommunications companies GCHQ was interested in, including Swiss company Comfone and Mach, which is now owned by Syniverse and Starhome Mach.

The document went into detail about a particular employee at Mach, listing all the devices he uses, identifying work devices and personal technology. GCHQ is said to have accessed cookies on his computer and lists his Skype name, Gmail user name and other social accounts he uses.

In January this year, GCHQ was accused of hacking mobile apps Angry Birds and Google Maps to collect user data with the NSA.

It was another of the security leaks revealed by Snowden and it's said the organisations were trying to take advantage of "leaky apps" that inadvertently spill details about the age, sex and location of their users.

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.