State-sponsored hacking is one good reason to use the Microsoft Store for your apps

Reading time icon 1 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Security has always been one of the main reasons to use the Microsoft Store for your apps, and now the Turkish government has provided another example of how downloading directly from the websites of companies may not be the safest way to get your software.

According to the University of Toronto’s Citizen Lab, Turkish ISPs have been diverting download requests for legitimate software such as Avast, CCleaner, VLC, Opera and 7-Zip to infected versions of the software containing government spyware such as FinFisher and StrongPity.

Besides direct downloads,  Türk Telekom has also been interfering with downloads from CNET’s Download.com using special Deep Packet Inspection (DPI) from US company Sandvine. The ISP has been targeting specific users, with Citizen Lab identifying 259 IP addresses being targetted.

It’s not just Turkey which is taking part in this practice, but also Telecom Egypt is also believed to be distributing infected downloads to users.

As mentioned earlier, such interference makes the case of downloading applications directly from the store, where the connection is encrypted end to end, and all packages are signed, making it difficult to distribute modified software.

Read more about the hacks at Citizen Labs here.

Via Winfuture.de

User forum

0 messages