Report Alleges Egyptian Authorities Is Caked Mining Cryptocurrencies on Citizens' Devices

2018/03/11/3/bitcoin-macro-miners-1-760x400.jpg

An investigation by The Citizen laboratory has found evidence that Egyptian authorities are mining cryptocurrencies on citizen's laptops and computers.

Using Internet scanning the researchers found deep packet inspection middleboxes on Telecom Egypt connections. The researchers suggest this was done in order to extract revenue.

The report also identified the same malicious system being used in Turkey to inject citizen's devices with spyware. Both Egypt and Turkey have been increasingly authoritarian in recent decades, breaching multiple human rights obligations. Reporters Without Borders ranked Egypt 161st from 180 currencies in its 2017 World Press Freedom Index and 800 people have been sentenced to death since 2013.

Following an extensive evaluation, the group was able to track the network injections from both Egypt and Turkey to Sandvine PacketLogic devices — an American-based firm that sold the Turkish system as part of a $6,000,000 contract. At the time the deal caused a prominent member of the company to resign in protest.

Attitudes to cryptocurrency are divided from the highly spiritual Egypt. Earlier this year Egypt's foremost religious leader called for a blockchain ban, saying that Bitcoin was prohibited under Sharia law.

Whilst some authorities in Egypt are against the technology, the attackers are likely earning considerable amounts of money. A report from Talos earlier this month, a leading cyber security intelligence company, estimates that malicious mining could be netting attackers over $100m annually.   The report estimated that each infected device can generate about 28 cents a day. With 2000 apparatus that adds around $568 per day and $200,000 a year. It is likely however that the nation-wide system uncovered could have many many more devices infected — causing much higher profits.

This sort of attack has grown hugely in recent years, with malware research labs alleging that over 1.5 million devices have been affected. Website owners have deployed the technology as an alternative to ad-hosting. However, the principal use has been by hackers that slip the system onto internet users without them knowing.

The news of Egypt and Turkey's use of this software comes as a reminder not only of the shaky human rights situation in these countries but of state-sanctioned spying globally. As we progress through 2018, the world wide web is increasingly becoming less of a tool to connect citizens and more a weapon to spy on them.