HackRead

State Spy Programs, espionage & Monero mining – fingers point at Sandvine

March 10th, 2018 Waqas Security, Malware, Privacy, Surveillance 0 comments

Sandvine Products and Technology Used by Egypt, Turkey, and Syrian Governments to Install Spyware and Monero Mining.

Citizen Lab, a Canadian security and human rights research group, has discovered that the governments of Turkey, Egypt, and Syria are involved in hijacking local internet connections in order to inject surveillance malware.

Moreover, Citizen Lab, run by the University of Toronto’s Munk School of Global Affairs, stated that it identified Sandvine PacketLogic devices and Deep Packet Inspection technology installed in Türk Telekom and Telecom Egypt networks for injecting browser-based Coinhive Monero cryptomining scripts into web traffic and for ensuring political censorship.

The research group noted that not only the governments of the identified countries but also agencies and ISPs are benefiting from Sandvine’s technology to intercept and change web traffic. It must be noted that Deep Packet Inspection technology allows ISPs to prioritize, block, inject, degrade and log different types of internet traffic and to assess every packet in order to keep track of users’ online activities.

Perhaps, this is why internet users in Egypt, Turkey, and Syria were redirected to nation-wide distributed spyware when they attempted to download authentic Windows applications. This was made possible by the deep packet inspection boxes that are installed at telecom networks across Turkey and Egypt. Researchers wrote in their report, published on Friday, that this discovery raises “significant human rights concerns.”

The Windows applications users in Egypt, Turkey, and Syria tried to download from CBS Interactive’s Download.com included Avast Antivirus, 7-Zip, Opera and CCleaner. They attempted to download these applications from official vendor websites but were diverted to malware-infected versions of the applications via HTTP redirects.

Researchers believe that this redirection was possible because, despite supporting HTTPS, the official websites for these programs directed users to non-HTTPS downloads by default. The malware is said to be quite similar to FinFisher and StrongPity spyware. Apparently, Download.com does not support HTTPS despite its claims of offering secure downloads.
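A defender-side check for the weakness described above, as an added example that is not from the article or from Citizen Lab's report: it audits a download's redirect chain for plaintext hops, HTTPS-to-HTTP downgrades and redirects that leave the vendor's domains. The hostnames, the sample chain and the function names are constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample: each hop is (requested URL, status code, Location header or None).
SAMPLE_CHAIN = [
    ("https://vendor.example/download", 302, "http://files.vendor.example/setup.exe"),
    ("http://files.vendor.example/setup.exe", 302, "http://cdn.unrelated.example/setup.exe"),
    ("http://cdn.unrelated.example/setup.exe", 200, None),
]


def registrable(host):
    """Crude last-two-labels grouping; a real tool would use the Public Suffix List."""
    return ".".join(host.lower().split(".")[-2:])


def audit_chain(hops, trusted_domains):
    """Return (hop index, kind, detail) findings for a download redirect chain."""
    findings = []
    for i, (url, status, location) in enumerate(hops):
        src = urlsplit(url)
        if src.scheme != "https":
            # Any response on this hop can be rewritten by an on-path middlebox.
            findings.append((i, "plaintext", f"{url} fetched without TLS"))
        if not (300 <= status < 400) or location is None:
            continue
        # Location may be relative, so resolve it against the requested URL.
        dst = urlsplit(urljoin(url, location))
        if src.scheme == "https" and dst.scheme != "https":
            findings.append((i, "downgrade", f"{url} redirects to {dst.geturl()}"))
        if registrable(dst.hostname or "") not in trusted_domains:
            findings.append((i, "offsite", f"redirect leaves vendor domains: {dst.hostname}"))
    return findings


if __name__ == "__main__":
    for hop, kind, detail in audit_chain(SAMPLE_CHAIN, {"vendor.example"}):
        print(f"hop {hop}: {kind:9} {detail}")
```

A chain with no findings still only shows that the transport was protected; comparing the downloaded file against a vendor-published hash or signature covers the file itself.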

When contacted, CBS Interactive’s CNET did not respond or release an official statement.

The scheme for which Sandvine boxes have been employed is dubbed AdHose, as it involves the distribution of affiliate ads and/or browser crypto-mining scripts. Network hardware is also believed to be used for censoring websites like Al Jazeera, HuffPost Arabic, Human Rights Watch, Mada Masr and Reporters Without Borders.

Sandvine and its owner Francisco Partners have claimed that the Citizen Lab report is flawed and misrepresents their products. In a letter issued to Citizen Lab by Sandvine on March 7, the University of Toronto was asked to delay the report’s publication on grounds that the allegations were intentionally misleading and technically unfeasible.

Moreover, the head of the Citizen Lab research team, Professor Ronald Deibert, has been charged by Sandvine with using unethical research methods and misappropriating the company’s technology by obtaining a used Sandvine box for testing.

These claims were disputed by the University and Citizen Lab’s attorneys, who questioned Sandvine’s unwillingness to respond to queries about the firm’s commitment to ethical business practices and human rights and defended Citizen Lab’s research methods.

“You state, broadly, that Sandvine takes seriously its commitment to corporate social responsibility and ethical use of its products. However, you have not responded to any of the specific questions asked of Sandvine by Citizen Lab in letters dated February 16 and March 1, 2018,” the letter issued by University of Toronto and Citizen Lab attorneys read.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.