Did British intelligence service spy on Luxembourg company?
(CS/DS) The UK's Government Communication Headquarters (GCHQ) has been accused of setting up fake LinkedIn pages to monitor employees, with a Luxembourg-based clearing company cited among the victims of the scheme.
According to Edward Snowden documents obtained by German magazine “Der Spiegel”, the GCHQ used the so-called “Quantum Insert” technique to gain access to insider information. Once a person accessed a fake LinkedIn page, the GCHQ was able to install spy software without the user's knowledge.
Belgian telecommunications giant Belgacom is cited by the online edition of the magazine as having been infiltrated by the British intelligence service.
Additionally, six employees of MACH, a Contern-based communications company used by mobile phone providers to coordinate international roaming traffic, are thought to have been monitored.
In 2013, US company Syniverse acquired MACH and the affected platforms, then selling part of the former MACH assets to Starhome.
A Starhome spokesperson commented to wort.lu/en: "We think it extremely unlikely that our platform is affected by this attack, which was instigated in 2010, but have decided to perform a security audit to ensure that no issues exist."
Syniverse meanwhile said to "Der Spiegel" that it was not aware of security breaches in its system.
LinkedIn, too, has denied any knowledge of the GCHQ's activities. It was not immediately known whether the Luxembourg secret service SREL knew about the surveillance scheme.