Cryptocurrency, University of Toronto suspects "strange" movements in Egypt: a new case opens in the already turbulent cryptocurrency scenario.
According to a new dossier edited by a group of security researchers from the University of Toronto suspects that the Egyptian government, or entities related to it, are hijacking the connections of internet users to make the mining on cryptocurrencies
In fact, researchers at the university's Citizen Lab have identified a scheme they call "AdHose", which can secretly redirect the web traffic of Egyptian Internet users to malware that used their computers to extract cryptocurrency Monero or display advertisements. AdHose relies on the hardware installed within the networks of Telecom Egypt.
Always according to the presumptions of university researchers, Adhose it is used in two ways: in the first mode, any website that users attempted to view redirects their browsers to an ad network or malware that launches cryptocurrency mining. A scan in January found that 95% of the observed devices, with more than 5.700 units, were affected by AdHose (but the report did not quantify the total number of users affected).
However, the modality in question would be used sparingly, the researchers said. The alternative is a second trickle mode, which redirects web traffic only when users visit certain sites such as CopticPope.org, a religious site, and Babylon-X.com, a porn site. This second mode is in continuous operation, and is therefore not activated on occasion.
Moreover, Citizen Lab claims to have found similar patterns in Turkey and Syria, although in place of cryptocurrencies or advertisements, users were offered spyware rather than downloading legitimate antivirus programs.
We just have to wait for clarifications on this story which is obviously still rather obscure ...