A new Snowden leak, reported by Laura Poitras in Der Spiegel, shows that the UK spy agency GCHQ used fake versions of Slashdot and LinkedIn to attack tech staff at Global Roaming Exchanges -- interchange points where large networks meet up. It's speculated that the attacks were used to compromise Belgacom International Carrier Services (BICS).
GRX is roughly analogous to an IX (Internet Exchange), and it acts as a major exchange for mobile Internet traffic while users roam around the globe. There are only around two dozen such GRX providers globally. This new attack specifically targeted administrators and engineers of Comfone and Mach (which was acquired over the summer by Syniverse), two GRX providers.
Der Spiegel suggests that the Government Communications Headquarters (GCHQ), the British sister agency to the NSA, used spoofed versions of LinkedIn and Slashdot pages to serve malware to targets. This type of attack was also used to target “nine salaried employees” of the Organization of Petroleum Exporting Countries (OPEC), the global oil cartel.
This new revelation may be related to an attack earlier this year against Belgacom International Carrier Services (BICS), a subsidiary of the Belgian telecom giant Belgacom. BICS is another one of the few GRX providers worldwide.
UK spies continue “quantum insert” attack via LinkedIn, Slashdot pages [Cyrus Farivar/Ars Technica]
The Internet Archive’s Brewster Kahle writes, “We founded a credit union to build a new path after the banking debacle of 2008 and it’s been crushed by federal regulators. The regulators close 200-300 credit unions every year, and have been since their founding of the NCUA in 1970. Only a couple are allowed to start […]
A leaked recording made of a conference call hosted by the Edison Electric Institute, which lobbies for the power industry, reveals lobbyists for high pollution companies talking about how they can exploit the Syrian refugee crisis to get a rider inserted into a pending bill that would kill the EPA’s Waters of the United States […]
The barb in trade agreements’ tail is the Investor State Dispute Settlement (ISDS) system, which lets companies sue governments to repeal rules that interfere with their profitability. It’s let tobacco giants fight anti-smoking campaigns, and now it’s letting fisheries attack rules aimed at preventing the wholesale slaughter of dolphins.
This minimalist multi-tool will see to it that instead of rocking a tool belt, you’ll carry just one. It’s shaped slightly like a key and weighs less than an ounce, so it plays nice with your keychain. The strong surgical-grade stainless steel blade will last, and is handy for everyday tasks like opening boxes and […]
The Code Black is our top-selling drone of all time—and for good reason. This powerful, palm-size drone is not only insanely fun to fly, but can capture some serious video footage from up above. With a flight time of about 10 minutes and an ultra-smooth ride, it’s a great introductory drone for anyone looking to […]
Don’t get handcuffed by Apple’s standard 3-foot Lightning cord (that you’ve most likely already lost), treat yourself to 10 feet of luxurious charging convenience. The Colossal is certified by Apple for its high-end quality, and designed to support full use of your phone while you power up. You can also get it in a 2-pack […]