Hardware from Sandvine, a Canadian company, is being used to hack web traffic along the border of Turkey and Syria, the Associated Press reports, possibly targeting Kurdish forces aligned with the U.S.
Internet users in Turkey were infected with a surveillance program disguised as legitimate software, and Egyptian internet users were redirected to websites that mined cryptocurrency in their browsers.
The discovery was made by Citizen Lab, a University of Toronto research group, which published its findings on Friday.
Forbes described the hacking process as follows:
When anyone using a target IP address on Turk Telekom’s network attempted to download software from a handful of legitimate vendors – including security tools Avast and CCleaner, as well as the Opera browser and file archiver 7-Zip – their connections were intercepted by the PacketLogic tool and redirected to unencrypted websites registered by the snoops. From there, fake versions of those software, which were in fact malware, were automatically downloaded.
“These companies are not closely regulated—and that can lead to a lot of unintended consequences, including consequences that harm our foreign policy interests and human rights interest as well,” Roger Deibert, the director of Citizen Lab, told AP. “It’s a strong argument for government control over this kind of technology.”
The hack appears to be an example of so-called “network injection,” or software that is injected into internet traffic by those who control the network. It works only against connections that carry unencrypted web traffic.
Edward Snowden, the famous NSA whistleblower, sounded the alarm about “network injection” on Friday.
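As an added illustration (not code from Citizen Lab, Forbes, or the AP), the following Python sketch audits a recorded redirect chain for a software download and flags the conditions that make the redirection described above possible: a plaintext request, a redirect to a plaintext URL, and a redirect away from the vendor's host. The function name, finding labels, and sample hosts are assumptions made for this example.

```python
from urllib.parse import urljoin, urlsplit

REDIRECTS = {301, 302, 303, 307, 308}

def audit_redirect_chain(start_url, hops):
    """Walk a recorded redirect chain for a software download.

    hops is a list of (status_code, location_header) pairs in the order
    they were observed. Returns (findings, final_url).
    """
    findings = []
    origin_host = urlsplit(start_url).hostname
    current = start_url
    if urlsplit(current).scheme != "https":
        # Anyone on the path can answer a plaintext request themselves.
        findings.append(("plaintext-request", current))
    for status, location in hops:
        if status not in REDIRECTS or not location:
            break
        nxt = urljoin(current, location)  # resolves relative Location values
        was_https = urlsplit(current).scheme == "https"
        target = urlsplit(nxt)
        if target.scheme != "https":
            findings.append(("https-downgrade" if was_https else "plaintext-redirect", nxt))
        if target.hostname != origin_host:
            findings.append(("off-origin-redirect", nxt))
        current = nxt
    return findings, current

# Constructed sample chains (hosts are placeholders, not from the report).
INJECTED = ("http://download.vendor.example/setup.exe",
            [(307, "http://files.lookalike.example/setup.exe"), (200, None)])
CLEAN = ("https://download.vendor.example/setup.exe",
         [(302, "/files/setup-1.2.exe"), (200, None)])

if __name__ == "__main__":
    for name, (url, hops) in (("injected", INJECTED), ("clean", CLEAN)):
        findings, final = audit_redirect_chain(url, hops)
        print(name, "->", final)
        for kind, where in findings:
            print("   ", kind, where)
```

A clean chain only shows that the transport was encrypted end to end; checking the vendor's published signature or hash on the downloaded file remains a separate step.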
“Huge: @Citizenlab catches ISPs invisibly redirecting download requests for popular programs, injecting them with government spyware. Unencrypted web traffic is now provably a critical, in-the-wild vulnerability. 20-30% of top internet sites affected,” he wrote on Twitter.
(Tweet by Edward Snowden, @Snowden, March 9, 2018: https://t.co/5RR8BlkicH)
In Egypt, the watchdog group found that users were being redirected to websites that mined cryptocurrency.
Sandvine told AP that it would conduct a “full investigation” once it received data from Citizen Lab, adding that it believed the allegations were “technically inaccurate” and “intentionally misleading.”
You can read AP’s report here and Citizen Lab’s report here.
Andrew Wyrich is a politics staff writer for the Daily Dot, covering the intersection of politics and the internet. Andrew has written for USA Today, NorthJersey.com, and other newspapers and websites. His work has been recognized by the Society of the Silurians, Investigative Reporters & Editors (IRE), and the Society of Professional Journalists (SPJ).