• 09:26
  • Tuesday ,13 March 2018
العربية

Telecom Egypt covertly redirecting internet users to crypto mining sites: report

By-egyptindependent

Technology

00:03

Monday ,12 March 2018

Telecom Egypt covertly redirecting internet users to crypto mining sites: report

Government-owned Telecom Egypt has allegedly been redirecting internet users to crypto mining sites, or displaying ads to secretly gain money, according to a report published by security researchers at the University of Toronto on Friday.

According to the report titled, “Bad Traffic:  Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?,” researchers revealed that “deep packet inspection (DPI) middleboxes” are used to reportedly “hijack Egyptian internet users’ encrypted web connections en masse, as well as divert the users to revenue generating content like affiliate ads and browser cryptocurrency mining scripts,” the report said.
 
The researchers refer to the scheme used by Egypt as “AdHose,” explaining that it operates through two modes, a “spray mode” and a ” trickle mode.”
 
“In spray mode, AdHose redirects Egyptian users en masse to ads for short periods of time. In trickle mode, AdHose targets some JavaScript resources and defunct websites for ad injection. AdHose is likely an effort to covertly raise money, ” the report reads.
 
Additionally, the researchers explain that in “spray mode”, the hijacked devices are also redirected for cryptocurrency mining.
 
Security researchers further explain in the report that “trickle mode” attempts to open certain URLs redirects users to these ads or mining scripts. They list examples like CopticPope.org, which was formerly the website of the Pope of the Coptic Orthodox Church of Alexandria, and Babylon-X.com, formely a porn site. Also, Coinhive, a Monero mining platform that positions itself to sites as an online advertising alternative, was also listed in the table of links for AdHose middleboxes to redirect Egyptian users.
 
Throughout their test scans, researchers found out that AdHose is also responsible for Egypt’s internet censorship.
 
“In Egypt, these devices were being used to block dozens of human rights, political, and news websites including Human Rights Watch, Reporters Without Borders, Al Jazeera, Mada Masr, and HuffPost Arabic,” the report reads.
 
According to the report’s findings, 5700 people were affected by AdHose as researchers underwent a scan in January.
 
The report further recommends for Telecom Egypt to begin consulting with civil society “regarding its human rights due diligence and business ethics program.”
 
Egypt’s first Bitcoin exchange was reported to be opening in August last year, however Egypt’s central bank has been harshly opposing its official trade in several statements.
 
A few weeks after, Egypt’s top cleric called Bitcoin trade “unlawful” under Sharia law.