GCHQ infected Belgium’s largest telecom company with spyware

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

GCHQEarlier this week, Belgacom – Belgium’s largest telecommunications company – revealed that it had been hacked, and that an “unknown virus” had been found on its computer systems.

Now the mystery of who was responsible for the hack appears to have been revealed. And it wasn’t traditional cybercriminals. It was the UK’s intelligence service, GCHQ.

The revelations are made by Der Spiegel which has received top secret slides from GCHQ’s Network Analysis Centre (NAC), via whistleblower Edward Snowden related to an attack dubbed “Operation Socialist”.

Operation Socialist

Sign up to our free newsletter.
Security news, advice, and tips.

In all likelihood, the Belgacom staff who were targeted didn’t realise that the “Quantum Insert” spyware was being silent planted onto their computers, after they visited boobytrapped websites. Once in place, the malware could secretly spy upon their activities, stealing passwords and other documents and installing further code at the behest of its remote operators.

The slides indicate that the British authorities were pleased with the “good access” their infiltration had achieved.

The leaked slides refer to CNE (Computer Network Exploitation), and appear to detail a successful attempt to compromise Belgacom’s infrastructure for the purposes of MITM (man-in-the-middle) attacks on smartphone users.

Whoever put the slides together has added some natty clipart to denote the success of the operation:

Operation Socialist success

It appears, as I described earlier this week, that the goal of the intrusion was to snoop on BICS (Belgacom International Carrier Services), which provides wholesale carrier services around the world to wired and wireless operators, carrying communications for the likes of Syria and Yemen.

Belgium and the United Kingdom are, of course, close European partners. We’re not likely to see obvious sabre-rattling over evidence of spying like this – although it’s hard to imagine that the diplomats won’t be hard at work behind closed doors trying to soften tempers.

Learn more in this article in The Register, and in the original report from Der Spiegel.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.