Egyptian government infesting citizens’ computers with cryptomining malware

The Egyptian government, or organizations related to it, has been accused of infecting citizens’ computers with cryptomining malware.

According to news reports by researchers at the University of Toronto (UofT), the Egyptian government has been infecting local computers with cryptomining malware. The malware was, yet again, found in Coinhive. Coinhive was previously accused of a lack of security when the cryptojacking malware was found on 50,000+ WordPress websites.

According to Citizen Lab, the key findings are as follows:

  • Deep packet inspection middleboxes were found on Türk Telekom’s network.
  • These middleboxes are used by the hijackers to redirect users to affiliate ads or browsers for cryptocurrency mining.

The researchers who unearthed this incident exclaimed:

“this type of intrusion by a nation-state is the stuff of legends”

The researchers at Citizen Lab, which is part of the UofT research team, conducted studies on topics such as network surveillance. The government is accused of using AdHose to infect the computers. AdHose redirects users to the malware, which is used to mine Monero. It relies on hardware that is pre-installed on the networks of the Egyptian telecom services.

The hardware used in AdHose doubles as a censorship tool: it blocks users from visiting websites such as Al Jazeera, Human Rights Watch, Reporters Without Borders, Mada Masr, HuffPost Arabic and others that weaken the government's rule.

It is said that the government uses two ways to infect the computers: Spray and Trickle.

In Spray mode, affected users are redirected to the malware or to an ad network that has Coinhive. It is said that approximately 95% of the total scanned devices were infected with the malware.

The Trickle technique is more popular than the Spray technique. In this mode, users are redirected only when they visit a few select websites, including CopticPope.org, a formerly religious website, and Babylon-X.com, a porn site.

Shawki Allam, the current Grand Mufti of Egypt, had recently commented that cryptocurrency is forbidden under Islamic religious law, as it is volatile and unreliable.
