Internet users in Egypt have faced a global mining virus that spread through the network of the country’s main provider Telecom Egypt.
First of all, hackers infected the company’s network devices that control the traffic of users with the AdHose virus. Attackers were able to redirect users from the “normal” pages to promotional fakes for cryptocurrency, many of which were infected with the Coinhive virus.
Things were not always the same, that’s why in some cases, the criminal scheme redirected users in a selective, random order, in other cases all the users got to sites with the virus.
The Coinhive virus works by redirecting the user to an advertising site or opening an advertising video, then using the computer’s powers to secretly mine cryptocurrency Monero.
According to estimates for January of this year, 5700 devices connected to the network of the provider have suffered from the AdHose virus. Do not forget that Telecom Egypt controls most of the traffic in Egypt, so perhaps the numbers given are only a small fraction of the affected devices, and the total amount of victims of the virus remains unknown for now.
Many popular sites have become victims of the Coinhive virus. These include the network resources of well-known online publications and TV channels, such as American cable network Showtime, as well as websites of US and British government agencies.