Egypt Is Secretly Using Its Citizens for Bitcoin Mining

An investigation carried out by research group The Citizen Lab has allegedly found evidence that proves the Egyptian government has been secretly mining for Bitcoin on their own citizens’ desktop computers and laptops.

Damning Evidence

A recent surge in cyber attacks in Egypt due to the Bitcoin scandal
Image Credit:

The claims put forward by the researchers have caused huge levels of controversy in Egypt. It was only earlier this year that Egypt’s highest ranked religious leader, Sheik Shawki Allam, the Grand Mufti in Egypt, called for a ban on blockchain stating that Bitcoin was considered illegal under Sharia law.

A number of key findings were published by The Citizen Lab after their research was concluded. The investigation revealed deep packet inspection (DPI) middleboxes, found through internet scanning on the Turk Telekom’s network. This was forcing hundreds of users based in Syria and Turkey to be re-directed to nation-state spyware when the users attempted to download certain files.

Sheik Shawki, Egypt's highest ranked religious leader
Image Credit:

Middleboxes of a similar nature were uncovered at a Telekom Egypt demarcation point. These middleboxes were found to be hijacking internet users located in Egypt who were using unencrypted (http) web connections. The users were then re-directed to content that generated revenue, such as cryptocurrency mining scripts and affiliate adverts.

Further investigation by The Citizen Lab found striking similarities between the characteristics of the network activity stated above in Egypt, Syria, and Turkey to that of Sandvine PacketLogic devices.

Human Rights Violations Online

This discovery has led to concerns over human rights violations where Sandvine devices have been used to sneakily insert malicious and ambiguous re-directs into the computers and desktops being used by the citizens of Egypt, Syria, and Turkey.

A blog report by Talos, a cyber security intelligence company, stated that it is estimated parties that participate in malicious breaches of cryptocurrency mining operations are earning up to $100 million every year.

The analysis published by Talos suggested that every device infected with the ability of cryptocurrency mining could generate approximately 28 cents each day. Only 2,000 devices need to be infected for the profits to hit $568 per day and that equates to $200,000 every year.

If a nation-wide hacking attempt is carried out then these estimates will be vastly more lucrative for the attackers.

Despite being an area that a number of Egyptian authorities have publicly demonized, Bitcoin mining would generate much-needed additional revenue. The findings by The Citizen Lab have now led to speculation that the Egyptian government has been covertly mining for cryptocurrency such as Bitcoin through the devices of its own citizens without their knowledge.

The Bitcoin Boom

Bitcoin has experienced a rapid rise in value over recent months. 1 Bitcoin currently exchanges at a rate of $8,670. It is becoming more widely accepted as a respectable form of currency. However, even though its recent growth suggests its future is bright, there are still those that feel cryptocurrency is doomed to fail.

Based on the evidence produced by The Citizen Lab, the Egyptian government clearly has more faith in Bitcoin than its critics.

The Bitcoin boom has potential to grow at casinos in Egypt
Image Credit:

One area where Bitcoin has flourished is in the gambling sector. Bitcoin-specific casinos have appeared online and a large number of online casinos and betting sites now accept Bitcoin. This is certain to be one area where cryptocurrency could thrive in Egypt.

Egypt might boast a largely Muslim population but gambling is deemed legal across the country. Casinos in popular tourist destinations such as Cairo and Sharm el Sheikh have embraced gambling to maximize revenues.

Egyptian citizens are banned from playing at casinos but tourists from outside Egypt are allowed to gamble at the casinos. Such restrictions are not yet in place for online gambling, so that remains a potential gambling outlet for holders of Egyptian passports.

The Growing Threat of Cyber Attacks

Malware attacks are becoming far more common across the globe over recent years. Ex-deputy director of MI5, Jeremy Fleming, stated that cyber-attacks were now an even bigger threat to national security than terrorism for many countries.

Over recent years, a number of malware attacks have caused huge problems. WannaCry (2017), Mirai (2016), Sony Pictures Hacking (2014), and CryptoLocker (2013) are just some of the high-profile malware attacks that have crippled networks in a number of countries around the world.

A typical example of a malware profile
Image Credit:

These latest findings by The Citizen Lab have re-opened the divisive argument about how much control governments should have over their own internet. Egypt has been at the focus of a number of human rights violation claims since the Arab Spring of 2013 and the possibility that the government is now spying and using its own citizens to generate money without their knowledge, raises fresh concerns over these human rights being violated.

Egypt is not the only country contending with such an issue. The controversial net neutrality law being considered in the US could have huge ramifications for the way people use the internet and how governments could also start to use the internet

It was only last year that the US government provoked an angry response by taking moves to repeal an Obama-era law that forced internet service providers to request permission before passing personal information onto third parties.

For the time being, internet users still have confidence that their privacy and security online is very much under their own control. Unfortunately, The Citizen Lab report has now revealed that the Egyptian government could well be manipulating the information of its citizens for financial gain.

The question is – is this potential violation of human rights confined to just the authorities named in the report or is the problem now more widespread?