The Hacker News Logo
Subscribe to Newsletter

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile
Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard.

A few months back in September 2013 it was revealed that, Belgacom, the largest telecommunications company in Belgium was hacked and number of employees on Belgacom’s network, including their servers were compromised.

Later in November 2013, it was revealed that the NSA and GCHQ were behind the infiltration of the company’s computers, according to the document provided by the former NSA contractor Edward Snowden.

The document detailed that the British intelligence agency GCHQ created fake ‘LinkedIn’ and ‘Slashdot’ pages to spy on computers of Belgacom network engineers. They used a method called “quantum insert”, to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server (codenamed "Fox Acid"), which can respond faster than the real one, is placed somewhere on the Internet backbone.

The company had filed the complaint against an unknown third party to Belgian federal police (FCCU) and granted its full support to the investigation, which revealed that Quisquater’s computer was allegedly hacked in the same way as Belgacom’s. 

He had fallen victim to the same ‘quantum insert’ attack in which by responding to a LinkedIn message actually redirected him to a copycat website that infected his computer with spying malware.
"I received an ordinary e-mail asking me to connect to LinkedIn. I often receive that kind of mail. I didn't open it; I just looked at the content. It was sent by I person I know. At least, at first sight, because in reality it was sent by someone else. By the time I realized that, it was already too late as I had clicked on the link containing the person's profile," Prof. Quisquater told reporters. He also added,"My computer started to do strange things. If I have been hacked, there are bound to be hundreds of other cases where individuals were spied on, also in Belgium."
The Belgian federal police sent me a warning about this attack and did the analysis,” Quisquater told Gigaom. The NSA and GCHQ are both suspected by Belgian Federal Police to be the real face behind the attack. 

He doesn’t know the actual reason he could have been targeted, but can be estimated that: “There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography.

Jean-Jacques Quisquater is a well-known professor in cryptography at the Université Catholique de Louvain (UCL) in Louvain-la-Neuve. There could be many reasons for him to be targeted by the intelligence agencies.

Quisquater is worldwide renowned because of his work in cryptography and we found a presentation called “The End of RSA” on his website that uncovered severe vulnerabilities in deployed systems using RSA, which could be one more reason for targeting him.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.