Warning: file_put_contents(/srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/bulk-post-0.4-1/cache/sessions//0B2N6cGSkurc7AzCS57JhJW3Cvx8inOTatmw1BcN): failed to open stream: No space left on device in /srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/stupidpie-1.8.3-1/vendor/illuminate/filesystem/Filesystem.php on line 122
  Opera, VLC, WinRAR, 7-Zip, Skype: Turkish Provider Replaces Spyware Download | Bit Updates
Home » bitcoin updates » Opera, VLC, WinRAR, 7-Zip, Skype: Turkish Provider Replaces Spyware Download

Opera, VLC, WinRAR, 7-Zip, Skype: Turkish Provider Replaces Spyware Download

Friday, March 9th, 2018 | bitcoin updates

          
    
    
    (Picture: susanmoore1825)
                
            
             Thanks to Deep Packet Inspection, Türk Telekom can systematically manipulate download requests and defend Internet users with malware. In Egypt, on the other hand, the technology is being used so that Internet surfers secretly mine crypto-money.
            

        

        The Turkish provider Türk Telekom secretly redirected the traffic of hundreds of Internet users and infected them with spyware if they wanted to install software such as VLC, WinRar, Skype, 7-Zip, Opera or CCleaner. That's what the Canadian Citizen Lab has come up with, verifying and pinpointing findings that ESET anti-virus researchers published last fall. According to this, security researchers have discovered technology for deep packet inspection in the Türk Telekom network. Because software vendors had insufficiently implemented transport encryption via HTTPS on their pages, download requests could then be redirected to infect devices.
Downloads via HTTPAs the Citizen Lab writes, the sites of the software vendors were not fully secured over HTTPS against such man-in-the-middle attacks. So users could call the page from Opera unencrypted over HTTP and were then not redirected to HTTPS. Others, such as ccleaner.com, use HTTPS on their main page, but download requests were directed to HTTP links. In all cases, the unencrypted and unsigned download requests could be redirected to the provider and instead of the correct software spyware be introduced. Affected were hundreds of IP addresses, including especially those in the Syrian-Turkish border area, where Turkish Internet connections via WLAN grant Syrians behind the border access. Turkey is now openly waging war against Syrian Kurds.

In addition to this attack on Internet users in Turkey, the security researchers, who have translated their findings into Turkish and Arabic, have also witnessed another man-in-the-middle attack in Egypt. There, the Deep Packet Inspection and access to traffic is used to secretly direct Internet users to sites that have earned money from attackers through affiliate advertising or mining scripts. In some cases, data traffic was redirected in such a way for certain periods of time, but there were also targeted diversions of only certain Internet accesses. Both attacks therefore rely on technology whose manufacturer is based in Canada.
Switching to HTTPS is essentialThe detailed explanations of Citizen Lab make it clear once again how important an all-encompassing change from HTTP to HTTPS is. Such encrypted and signed traffic locks Man in the Middle, which is essential especially on download pages. Some of the affected vendors have fixed the issues by now. At the same time, however, manufacturers who produce the technology needed for such attacks and export them to states with democratic deficits come to the fore again. Although they like to call for action in accordance with applicable laws, they do not have to meet the standards that apply in their home market, for example.

(Mho)

      

Related

Ban on Anonymous Transact

The South Korean government has announced it will ban anonymous cryptocurrency transactions this

Deutsche Asset Management

Stefan Kreuzkamp, ​​Chief Investment Officer (CIO) of Deutsche Asset Management, considers the Bitcoin

Microsoft CEO Bendiek: &q

Ms. Bendiek, when it comes to the dominance of technology companies, is often

Berlin Marathon: Eliud Ki

This question brought the otherwise monosyllable world's best marathon runner. "Do you consider