Back in September, it was reported that the UK's equivalent of the NSA, GCHQ, had gleefully hacked Belgacom, the Belgian telco, using a "quantum insert" to plant malware on the computers of key engineers at the company. At the time, it was described as follows:
According to the slides in the GCHQ presentation, the attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" ("QI"). It appears to be a method with which the person being targeted, without their knowledge, is redirected to websites that then plant malware on their computers that can then manipulate them. Some of the employees whose computers were infiltrated had "good access" to important parts of Belgacom's infrastructure, and this seemed to please the British spies, according to the slides.
Over the weekend it appears that Der Spiegel published a further report by Laura Poitras on this hacking, which revealed that the spoofed websites used to install this malware were none other than Slashdot and LinkedIn. Interesting choices.
So, it sounds like they did a man-in-the-middle attack, redirecting very specific visitors from those two sites to sites that planted malware instead. I wonder if LinkedIn (which is already involved in a lawsuit over the NSA stuff) and Slashdot have any legal basis to go after the government for effectively attacking their servers?
Update: Nicholas Weaver explains what happened in much more detail. It's not a fake page, but a packet injection attack.