Saturday, March 10, 2018

ISP Caught Deploying Crypto Mining Malware in Turkey, Syria and Egypt

Sandvine PacketLogic devices

Turkey, Syria and Egypt Fingered

Fingers have been pointed at internet providers in Turkey and Syria, which have been secretly injecting surveillance malware, while those in Egypt have been using the same technology to inject browser-based mining malware.

According to reports, ISPs in these three countries are using Deep Packet Inspection technology from Sandvine to intercept and manipulate web traffic and end users’ computers. The technology allows internet providers to prioritize, degrade, block, inject, and log various types of internet traffic on a packet-by-packet basis.

Turkey’s Telecom network has been using Sandvine PacketLogic devices to redirect hundreds of targeted users to malicious websites and spyware. Similar incidents were recorded in Syria, where users have been redirected to spurious versions of antivirus software containing government malware.

In Egypt, telecoms operators have gone a step further and are using the technology to secretly inject crypto mining scripts into every HTTP page that users access. Researchers at Citizen Lab found that providers were using a scheme called AdHose to covertly raise money by mining the anonymous altcoin Monero;
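One way to check a connection for this kind of in-path script injection, as an added example that is not from the original post or from Citizen Lab: it compares the scripts and iframes in a page received over plain HTTP with a baseline copy of the same page obtained over a trusted path such as HTTPS. The HTML samples, the host `injected.example` and all function names are constructed for illustration; pages with rotating ads differ legitimately, so each finding is a lead to review.

```python
import hashlib
from html.parser import HTMLParser


class ActiveContent(HTMLParser):
    """Collect the elements that can load or run code: scripts and iframes."""
    def __init__(self):
        super().__init__()
        self.items = set()
        self._inline = None  # text buffer while inside an inline <script>

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        src = (attrs.get("src") or "").strip()
        if tag in ("script", "iframe") and src:
            self.items.add((tag + "-src", src))
        elif tag == "script":
            self._inline = []

    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            body = "".join(self._inline).strip()
            if body:  # identify inline code by a short digest of its text
                digest = hashlib.sha256(body.encode()).hexdigest()[:16]
                self.items.add(("inline-script", digest))
            self._inline = None


def active_content(html):
    parser = ActiveContent()
    parser.feed(html)
    parser.close()
    return parser.items


def injected(baseline_html, observed_html):
    """Active elements present in the observed copy but not in the baseline."""
    return sorted(active_content(observed_html) - active_content(baseline_html))


# Constructed samples: the origin's page, and the same page as seen over HTTP.
BASELINE = ('<html><head><script src="/js/app.js"></script></head>'
            '<body><script>initMenu();</script><p>News</p></body></html>')
OBSERVED = BASELINE.replace("</head>", '<script src="http://injected.example/m.js">'
                            '</script><script>startWork();</script></head>')
```

Calling `injected(BASELINE, OBSERVED)` returns the two elements that exist only in the HTTP copy: the added inline script (as a digest) and the external script URL.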


