Report Alleges Egyptian Government is Secretly Mining Cryptocurrencies on Citizens’ Devices

Report Alleges Egyptian Government is Secretly Mining Cryptocurrencies on Citizens’ Devices

An investigation by The Citizen lab has found evidence that Egyptian authorities are mining cryptocurrencies on citizen’s computers and laptops.

Using Internet scanning the researchers found deep packet inspection middleboxes on Telecom Egypt connections. Unencrypted traffic, (that uses http, not https) was redirected to browser cryptocurrency mining scripts. The researchers suggest this was done in order to extract revenue from unsuspecting internet users.

The report also identified the same malicious system being used in Turkey to inject citizen’s devices with spyware. Both Egypt and Turkey have been increasingly authoritarian in recent years, breaching multiple human rights obligations. Reporters Without Borders ranked Egypt 161st out of 180 currencies in its 2017 World Press Freedom Index, and 800 people have been sentenced to death since 2013. Journalists, human rights defenders, and protesters have experienced mass arrests, disappearances, and torture.

After an extensive investigation, the team was able to track the network injections from both Egypt and Turkey to Sandvine PacketLogic devices – an American-based firm which sold the Turkish system as part of a $6,000,000 contract. At the time the deal caused a prominent member of the company to resign in protest.

Attitudes to cryptocurrency are split in the highly religious Egypt. Earlier this year Egypt’s foremost religious leader called for a blockchain ban, stating that Bitcoin was illegal under Sharia law.

Whilst some authorities in Egypt are against the technology, the attackers are likely making large amounts of money. A report from Talos earlier this month, a leading cyber security intelligence firm, estimates that malicious mining could be netting attackers over $100m a year. The report estimated that each infected device can generate about 28 cents a day. With 2000 devices that adds up to $568 per day, and $200,000 a year. It’s likely however that the nation-wide system uncovered could have many many more devices infected – leading to much higher profits.

This type of attack has grown hugely in recent years, with malware research labs alleging that over 1.5 million devices have been affected. Website owners have deployed the technology as an alternative to ad-hosting. However, the primary use has been by hackers who slide the system onto internet users without them knowing.

The news of Egypt and Turkey’s use of the software comes as a reminder not only of the shaky human rights situation in these countries, but of state-sanctioned spying globally. As we progress through 2018 the internet is increasingly becoming less of a tool to connect citizens, and more a weapon to spy on them.

Featured image from Shutterstock.

10.03.2018 / 06:09 79
Internet Providers Caught Deploying Crypto Mining Malware Internet Providers Caught Deploying
If it wasn’t bad enough with hackers and dodgy websites trying to hijack your computer hardware to mine some crypto coins, ISPs have been discovered
Hackers Target 400,000 Computers with Mining Malware Hackers Target 400,000 Computers with
More than 400,000 personal computers have been attacked in a large-scale attempt to distribute cryptocurrency mining malware. The hackers used
Telecom Egypt Covertly Redirecting Internet Users To Crypto Mining Sites, Report Says Telecom Egypt Covertly Redirecting
A study has shown that Egyptian Internet user traffic is being manipulated by govt-linked entities to redirect users to crypto mining sites and ads.
Researcher Finds Nearly 50,000 Websites Running Cryptocurrency Mining Malware Researcher Finds Nearly 50,000 Websites
Troy Mursch from Bad Packets Report recently conducted an investigation, in which he found that the ongoing cryptojacking trend has infected nearly
Monthly Report of GMO Internet and Its Cryptocurrency Mining Business Published Monthly Report of GMO Internet and Its
GMO Internet Inc., a major Japanese company investing in Internet-related businesses and listed on the first Section of the Tokyo Stock Exchange, has
Domains Running Cryptocurrency Mining Scripts Surge 725 Percent Domains Running Cryptocurrency Mining
The number of domains with cryptocurrency mining scripts installed has skyrocketed 725 percent in four months, according to a security firm’s
Comments (0)
Add a comment
Comment on