Either the Egyptian government itself or some entities within it have been linked with hacking localized internet connections, in order to covertly mine a number of cryptocurrencies.
As we know, cryptocurrency mining has become big business with many people making it their full time occupation, and some even making companies from it. Crypto-mining works by compiling some of the most recent transactions into blocks, and once this has been done the miners will then solve some computationally difficult puzzles. The miner who successfully completes the puzzle first, will be able to place the new block into the blockchain and claim a reward, which is a certain number of cryptocurrencies.
According to some security researchers at Toronto University, various aspects or regions of the Egyptian government have been involved in hijacking people’s computers to use their power, to mine cryptocurrencies. In the report it has been mentioned that this type of evidence, if found out to be true would be “the stuff of legends” for an intrusion by a government. However, as outlined by these researchers, the high level of sophisticated technology that has been used has made it difficult to establish for sure if these accusations are true.
The researchers have stated that they have determined the strategy used by these government officials, and have named it “AdHose”. It works by stealthily redirecting Internet users’ traffic to specific malware programs, that are able to utilize their computers so it can mine the cryptocurrency known as, Monero.
After some extensive research carried out by the university, the malware can be used in two different ways. The first is “Spray” mode, which is where any website that any of the affected users tried to visit, would instantly redirect their browser to an ad network, or it would be redirected to a crypto-mining malware program known as Coinhive. A scan that was initiated in January, discovered that approximately 95% of devices had infected by the AdHose scheme, although the report never gave the exact number of users that were affected.
Apart from the spray mode, there is also the “trickle” mode and that works by redirecting web traffic only when the users were visiting certain website. The sites including in this method are; CopticPope.org, which used to be a religious website as well as a porn site called Babylon-X.com. The main difference between these two different modes is the fact that trickle mode is continually operating.
The level of sophistication of this operation was proven by analyzing the hardware that was used to allow AdHose to work, which also works as a censorship tool. This hardware works by blocking the access to certain news websites such as Al Jazeera, Human Rights Watch, which can often be the source of some controversial information. If you thought that this was localized to Egypt, you’d be wrong as researchers also discovered this type of setup was operating in other Middle-Eastern countries such as Turkey and Syria. However, Egypt was using people’s computer to mine cryptocurrencies, other countries were taking the opportunity to deliver some nasty spyware.
@millz to stay up to date on more great posts like this. 
ㅤㅤ 