Skip to main content

GCHQ used LinkedIn to plant surveillance malware

A new report has emerged based on the documents leaked by whistleblower Edward Snowden, claiming that GCHQ set up fake LinkedIn and Slashdot pages to plant malware within a number of international mobile telecommunications companies.

According to the German newspaper Der Spiegel, which first reported the infiltration, the British spy agency's project was codenamed “Operation Socialist” and aimed to “enable better exploitation” of telecommunications providers.

GCHQ reportedly used a method called “quantum insert”, doctoring LinkedIn and Slashdot so that users trying to legitimately access the websites were redirected to fake replica sites which then compromised their computers by secretly installing surveillance software upon them.

One such company hacked by GCHQ was the Belgian telecommunications company Belgacom, a partly-state owned internet-provider which was described by Der Spiegal as having been subjected to a major “hacking attack”.

With some 260 million users in more than 200 countries, a LinkedIn spokeswoman was quoted by the Independent as saying: “We were never told about this alleged activity and we would never approve of it, irrespective of what purpose it was used for.”

The report is the latest to revelation adding to the growing pressure on GCHQ. On 7 November the heads of GCHQ, MI5 AND MI6 appeared before an intelligence committee on live TV to give evidence relating to illegal spying allegations that had been lobbied at the government agencies since the first leaks began in June.

In October David Cameron defended GCHQ, saying that "snooping keeps us safe".