GCHQ Used Man-In-The-Middle Attack Against Belgian Telecom
It’s not the most sophisticated type of hack, but it’s arguably the most elegant. The man-in-the-middle attack through LinkedIn is apparently what the UK’s Government Communications Headquarters (GCHQ) used to gather information from high-level people in a Belgian telecom.
In essence, a MitM attack inserts the hacker’s connection in between the user and the target. The user believes they are interacting with the target but are actually sending their information to the hacker, who then sends the information through to the target. In this case, the GCHQ likely spoofed LinkedIn, then transferred the data through to keep their cover.
The attack is normally used to get money. It’s not a technique used to collect communications or to take sensitive data from the infected computers, so it’s still not clear what the intentions were.
According to the Daily Dot:
The hack was originally reported by Der Spiegel back in September, based on documents leaked by former intelligence contractor Edward Snowden. At the time, it was not known how the GCHQ pulled off the attack.
Read More: Daily Dot