Monero mining malware linked to Turkish telecom company

Turkish Internet provider implicated in recent Monero mining virus epidemic in Middle East, says Citizen Lab in its report
12 March 2018   409

Recently there was a flood of Windows applications infected with Monero miner in Turkey and Syria. University of Toronto's Citizen Lab took an interest in this case and made a report. The results are surprising, to say the least.

The culprit was connected to to Türk Telekom – a formerly governmental Turkish telecommunications provider. According to the report, the ties to miner virus are connected to an unknown party with the access to provider's middleboxes, associated with government surveillance in Turkey and Syria. All this raises questions whether or not the virus itself is a product of some governmental effort at mining.

The infection scheme, called “AdHose”, is explained further in the report. The users are unknowingly redirected to infected copies of legitimate software while trying to download Windows applications such as Avast Antivirus, Ccleaner, 7-Zip or Opera, for example.

The spokesperson for the Türk Telekom reacted to the accusations and published a stetement, calling Citizen Lab allegations technically inaccurate and intentionally misleading. He also said that the company is currently investigating the issue, because they are “deeply commited to ethical technology development”.

The idea itself of government-controlled cryptocurrency mining malware is a little far-fetched in the expert's opinion, but the similar cases have already been reported by Open Observatory of Network Interference in 2016. At that time the Egyptian internet provider has been implicated in similar MITM-type attacks with malware and advertising present, minus the mining element.

Monero V Hard Fork Postponed

The snapshot date is postponed to April 30, block 1564965 so as to facilitate the third-party services requests
20 March 2018   199

MoneroV is a private cryptocurrency fork of the Monero blockchain. Previously we have reported about the Monero V hard fork after which all Monero holders as of block 1529810 should have become the owners of MoneroV on March 14, 2018. 

However, the team of the project has reported that due to the growing demand and increasing expectations from users, trading platforms, and large mining pools, it has decided to postpone the snapshot date to April 30, block 1564965 to facilitate third-party services requests.

Monero V hard forkMonero V Hard Fork Date Postponed

New features:

  • Replay protection, transactions on the Monero blockchain will not be able to be replayed on the MoneroV blockchain.
  • MoneroV codebase is currently fully functional and tested on macOS Sierra, Windows, 64-bit and on Linux, 64-bit. 
  • Some new procedures will be tested, including testing the time gap between the snapshot date and mainnet release, and raising the minimum ring signature, that will help mitigate an issue that was raised that the hard-fork split might reduce the effective privacy set of ring signatures – one of three private properties of the Monero & MoneroV blockchains.

Moreover, MoneroV’s source code, MoneroV GUI wallet, the MoneroV daemon will be published on Github publicly for the community to audit before released in downloadable form.