The paper introduces QSpy, a Quantum Remote Access Trojan, demonstrating a man-in-the-middle attack on quantum circuits submitted to cloud-based quantum computing platforms. QSpy intercepts quantum circuits by installing a rogue certificate authority and proxying API traffic, forwarding the circuits to a remote server for analysis without disrupting execution. This work highlights the vulnerability of quantum computing workflows to classical attack primitives and the need for submission-layer protections.
Your quantum circuits submitted to cloud platforms are vulnerable to classical man-in-the-middle attacks, enabling silent interception and analysis by malicious actors.
As quantum computing platforms increasingly adopt cloud-based execution, users submit quantum circuits to remote compilers and backends, trusting that what they submit is exactly what will be run. This shift introduces new trust assumptions in the submission pipeline, which remain largely unexamined. In this paper, we present QSpy, the first proof-of-concept Quantum Remote Access Trojan capable of intercepting quantum circuits in transit. Once deployed on a user's machine, QSpy silently installs a rogue certificate authority and proxies outgoing API traffic, enabling a man-in-the-middle (MITM) attack on submitted quantum circuits. We show that the intercepted quantum circuits may be forwarded to a remote server, which is capable of categorizing, storing, and analyzing them, without disrupting execution or triggering authentication failures. Our prototype targets IBM Qiskit APIs on a Windows system, but the attack model generalizes to other delegated quantum computing workflows. This work highlights the urgent need for submission-layer protections and demonstrates how even classical attack primitives can pose critical threats to quantum workloads.
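A defender-side check for the two footholds the abstract names, a rogue root certificate authority and a proxy in the path of outgoing API traffic, written as an added example that is not code from the paper or from Qiskit. It assumes a baseline of root-certificate fingerprints recorded from a known-good machine; the page does not say how QSpy redirects traffic, so the environment-variable checks are an assumption about one common route, and all sample values are constructed.

```python
import hashlib
import ssl
import sys

# Variables that redirect HTTPS traffic or swap the CA bundle for Python HTTP clients.
PROXY_VARS = ("HTTPS_PROXY", "HTTP_PROXY", "ALL_PROXY")
CA_VARS = ("REQUESTS_CA_BUNDLE", "SSL_CERT_FILE", "CURL_CA_BUNDLE")


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()


def windows_root_store() -> list[bytes]:
    """DER certificates in the Windows ROOT store (empty list on other platforms)."""
    if sys.platform != "win32":
        return []
    return [cert for cert, enc, _trust in ssl.enum_certificates("ROOT")
            if enc == "x509_asn"]


def audit(root_ders, baseline_fps, env):
    """Return findings: roots absent from the baseline, proxy and CA overrides."""
    findings = []
    for der in root_ders:
        fp = fingerprint(der)
        if fp not in baseline_fps:
            findings.append(("unexpected-root-ca", fp))
    # Environment variable names are case-insensitive on Windows, so normalise.
    upper = {k.upper(): v for k, v in env.items()}
    for name in PROXY_VARS:
        if upper.get(name):
            findings.append(("proxy-override", f"{name}={upper[name]}"))
    for name in CA_VARS:
        if upper.get(name):
            findings.append(("ca-bundle-override", f"{name}={upper[name]}"))
    return findings


# Constructed sample data: placeholder byte strings stand in for DER certificates.
KNOWN_ROOT = b"constructed-der-known-root"
ROGUE_ROOT = b"constructed-der-rogue-root"
BASELINE = {fingerprint(KNOWN_ROOT)}
SAMPLE_ENV = {"https_proxy": "http://127.0.0.1:8080", "PATH": "C:\\Windows"}

if __name__ == "__main__":
    for kind, detail in audit([KNOWN_ROOT, ROGUE_ROOT], BASELINE, SAMPLE_ENV):
        print(kind, detail)
```

On a Windows host, pass `windows_root_store()` and `dict(os.environ)` to `audit` together with a baseline captured from a clean image.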