The government institutions or affiliated structures of Egypt broke the Internet connection of the country’s citizens using the "AdHose" program, which redirects traffic to Monero mining or shows extra advertisements. This information was published in a report by the explorers of the University of Toronto on Friday.
“We found similar middleboxes at a Telecom Egypt demarcation point. The middleboxes were being used to redirect users across dozens of ISPs to affiliate ads and browser cryptocurrency mining scripts”, - the
The financial market still has some suspicions concerning Bitcoin mining as well as other cryptocurrencies, given the fact that such operations are often conducted without users’ consent. Consequently, a bunch of Canadian researchers detected a modality, which might have been used by the Egyptian authorities to mine Monero secretly with the help of their citizens’ computers. This is possibly the result of using a fintech technique that the investigators called AdHose.
Firstly, the researchers started their study with reviewing all of the IP addresses in definite countries to find DPI devices called middleboxes. Such systems catch traffic on Turk Telekom’s network and redirect all users to nation-state spyware while the people just wanted to download some legal Windows applications.
Telecom is a major telecommunications company, 80% of which is held by the Egyptian Ministry of Communications and Information Technology. And the middleboxes mentioned earlier include Sandvine PacketLogic devices, which have been associated with state surveillance in Turkey and Syria.
The Citizen Lab appealed to Sandvine and Francisco Partners sending their recently found data to them in February. In its reply, Sandvine claimed that the report was “false, misleading, and wrong.” However, the lab stated, “We emphasized that we were confident in our research findings, which two independent peer reviews confirmed.”