Telecom Egypt, a major state-owned telecommunications company, has ben caught installing malware on user machines to trick Middle Eastern Web users into unwittingly mining monero, according to a new report.
Customers attempting to use the internet in Turkey and Syria who have installed Windows apps like Avast Antivirus, CCleaner, Opera, or 7-Zip were redirected to malicious versions of the software with Monero mining malware attached, the University of Toronto’s Citizen Lab states in a study published Friday.
The report calls this scheme “AdHose” and claims,
“We found that a series of middleboxes on Türk Telekom’s network were being used to redirect hundreds of users attempting to download certain legitimate programs to versions of those programs bundled with spyware….We found similar middleboxes at a Telecom Egypt demarcation point. The middleboxes were being used to redirect users across dozens of ISPs to affiliate ads and browser cryptocurrency mining scripts.”
The company, who has been caught in the middle of government surveillance scandals in the past, says the claims are false.