From the day when cryptocurrency’s value got the spotlight, the number of greedy people has increased at a high rate.
Recently, the Governments in Turkey and Syria have been found compromising internet connections to secretly inject a kind of surveillance malware, while the same technology has been found secretly injecting cryptocurrency mining malware into users' web traffic in Egypt.
It is something close to shocking after finding out that Government or agencies are linked to it, and ISPs in few nations are making use of Deep Packet Inspection technology from Sandvine to intercept and alter users' web traffic. Deep packet inspection is an advanced method of examining and managing network traffic. This technology allows ISPs analyze each packet in order to see what the person behind the screen is doing online.
According to a report by Citizen Lab, the Telecom network of Turkey used Sandvine PacketLogic to redirect numerous targeted users to malicious versions of legitimate programs bundled with FinFisher and StrongPity. Sandvine PacketLogic devices were also used to block websites like Wikipedia, the websites of the Dutch Broadcast Foundation (NOS) and Kurdistan Workers' Party (PKK).
A similar campaign was also spotted in Syria, where ISPs silently redirected the users to malicious versions of various applications that include Avast, CCleaner, Opera, and 7-Zip.
According to Citizen Lab researchers’ report about the Sandvine, the company called their report “false, misleading, and wrong," and also demanded them to return the second-hand PacketLogic device they used to confirm attribution of their fingerprint.