Best Bitcoin Card for Egypt

Scientists from the University of Toronto’s Citizen Lab discovered Internet connections in Turkey, Syria and Egypt that are infected with spyware and mining software. There is every indication that the Egyptian government is using its citizens’ Internet connections to mine crypto currencies.

Admittedly, it sounds like a conspiracy theory. But a team of scientists from Toronto has apparently found out that the Egyptian government is mining crypto at the expense of its citizens.

In a 30-page report, the team of scientists describes that the Internet connection of users in Syria and Turkey has been infected by spyware. The attackers used devices that infect browsers with mining scripts and redirect them to affiliate links. In further research, Citizen Lab found that the Egyptian government used the same devices to carry out censorship. From this, they conclude that the Egyptian government also does the mining. But one by one.

Malware in Turkey – Spyware in Windows products

The malware that infected the computers was attached to downloads from official Windows applications that crept in through sites such as Avast Antivirus, CCleaner, Opera and 7-Zip. The software redirected user requests to malicious versions. These ultimately contained spyware. According to the report, the spyware resembled the Strong Pity software, which operators only release to states. The attackers used so-called middleboxes to make the attacks possible.

Egypt – censorship, spyware and crypto-mining

Citizen Lab found similar middleboxes in Egypt in the network of Telecom Egypt. The middleboxes redirected requests from Internet users to affiliate ads and scripts for crypto mining. The scientists compared the middleboxes with devices from Sandvine PacketLogic, a US manufacturer of monitoring and monitoring tools. They came to the conclusion that the features of the US software correspond to the middleboxes used.

The Egyptian government in turn used the software for censorship. The software is targeted by many, especially websites such as Humans Right Watch, Reporters Without Borders, Al Jazeera, Mada Masr and HuffPost Arabic. In Turkey, the government blocked Wikipedia, the homepage of the Dutch Broadcast Foundation and that of the PKK.

The research of Citizen Lab

Citizen Lab ordered a used PacketLogic device and used it to verify their suspicions. They then cross-checked the traces of the various attacks and came to the conclusion that they must be the same devices.

Egypt was ranked 161 out of 180 in the Press Freedom Index by Reporters Without Borders in 2017. After numerous restrictions, arrests of journalists, restrictions on freedom of the press and corruption reports, the government legally secured its position.

In 2003, the government launched a law dealing with the “regulation of telecommunications”. According to the law, the military was granted permission to exercise its “power within the law” and to use “telecommunications services for encryption” without further permission. Article 73 of the same law prohibits telecommunications providers from intervening.

Spying on citizens through AdHose

Based on their research, the research team eventually searched for spyware in Egypt and found that a system called AdHose was active. AdHose is a mining system that uses middleboxes to tap into users’ Internet connections. Citizen Lab now assumes that the software has been infected via Sandvine PacketLogic devices.

The team eventually tracked the devices’ digital fingerprints and found that it resembled a program used in 2016 to identify and infect users who visited certain pornographic websites. This program was part of the government’s censorship approach in Egypt.

Ultimately, by scanning all infected websites, CitizenLab found that the same device AdHose was running on was responsible for Internet censorship. CitizenLab concludes that it must be the same operator – the Egyptian government.

So it was the same devices that the government used for internet censorship and that people involuntarily use for crypto-mining.

Is it all true?

The Citizenlab in Toronto consists of an interdisciplinary team of scientists. They come mainly from political science, computer science and area sciences. The cited study was developed in collaboration with the Center for Long Term Cybersecurity at the University of Berkeley and is supported by various foundations. These include the Ford Foundation, the MacArthur Foundation and the Oak Foundation.

The study seems to have been thoroughly researched. Also the team of scientists around CitizenLab comes from renowned universities. Therefore, everything looks like the data is reliable. However, they can’t prove the last connection between the devices and the Egyptian government, even if everything speaks for it. Whether it’s true or not, we’re on it.