Security has always been one of the main reasons to use the Microsoft Store for your apps, and now the Turkish government has provided another example of how downloading directly from the websites of companies may not be the safest way to get your software.
According to the University of Toronto’s Citizen Lab, Turkish ISPs have been diverting download requests for legitimate software such as Avast, CCleaner, VLC, Opera and 7-Zip to infected versions of the software containing government spyware such as FinFisher and StrongPity.
Besides direct downloads, Türk Telekom has also been interfering with downloads from CNET’s Download.com using special Deep Packet Inspection (DPI) from US company Sandvine. The ISP has been targeting specific users, with Citizen Lab identifying 259 IP addresses being targetted.
It’s not just Turkey which is taking part in this practice, but also Telecom Egypt is also believed to be distributing infected downloads to users.
As mentioned earlier, such interference makes the case of downloading applications directly from the store, where the connection is encrypted end to end, and all packages are signed, making it difficult to distribute modified software.
Read more about the hacks at Citizen Labs here.