ExtremeHacking
Today : | Time : | safemode : ON
> / Main Website / Cyber Surakha Abhiyan / Hackers Charity / Linkedin / facebook / twitter /
Name Author Perms Com Modified Label

Snowden reveals, GCHQ planted malware via LinkedIn and Slashdot traffic to hack Belgacom Engineers Unknown rwxr-xr-x 0 11/12/2013

Filename Snowden reveals, GCHQ planted malware via LinkedIn and Slashdot traffic to hack Belgacom Engineers
Permission rw-r--r--
Author Unknown
Date and Time 11/12/2013
Label
Action
Ethical Hacking Institute in Pune
./Arizona Team

Edward Snowden, a former contractor at America's National Security Agency (NSA), has rocked the intelligence world by leaking secret documents which reveal the previously unknown extent of global spying. But looks like the NSA isn't the only one using dirty digital tricks to hack its targets

























Back in September, it was reported that the UK's equivalent of the NSA, GCHQ had hacked Belgacom, a leading telecommunications provider in Belgium.

Some New analysis of the Snowden papers by German magazine Der Spiegel shows that British intelligence agency GCHQ created fake LinkedIn and Slashdot pages to spy on computers of Belgacom network engineers.

Communications networks are particularly valuable to spies, because they allow instant access to individual users. Belgacom provides internet access to dozens of key EU institutions based in its capital city Brussels and its global roaming exchange is a hub for connections between various international mobile networks.

GCHQ reportedly used a method called “quantum insert”, to redirect employees of Belgacom, Belgium’s largest telecommunications company, to fake websites that contained malware.



























According to Der Spiegel, the first step for GCHQ was to identify employees at Belgacom working in its security and maintenance divisions, including finding out which ones use LinkedIn and Slashdot.

Then they redirected the intercepted traffic (using Man in the middle attack) to a spoofed server (codenamed "Fox Acid"), which can respond faster than the real one, is placed somewhere on the Internet backbone.

The documents reveal the extent to which spy agencies are able to use mobile communications to track people down and for surveillance. One document claimed, "We can locate, collect, exploit (in real time where appropriate) high-value mobile devices and services in a fully converged target centric manner."

A LinkedIn spokesman told Der Spiegel, "We were never told about this alleged activity and we would never approve of it, irrespective of what purpose it was used for."

It’s unclear whether the GCHQ has its own version of FoxAcid or whether it just piggybacks on the NSA’s servers as per their unique surveillance cooperation relationship. Slashdot hasn't responded to a request for comment.

we wonder if there is any possibility that LinkedIn and Slashdot can go after the government on legal basis for effectively attacking their servers?

www.arizonainfotech.com
CEH CHFI ECSA ENSA CCNA CCNA SECURITY MCITP RHCE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune
 

Cyber Suraksha Abhiyan | Sadik Shaikh © 2015 Sadik Shaikh | CEH V9 | ETHICAL HACKING Course Training Institute in India-Pune
Extreme Hacking Template design by Sadik Shaikh | Cyber Suraksha Abhiyan