Wondering why those Bitcoin pop-ups take over your computer and no anti-malware tool can find the problem?
Turns out that for months hackers have had access to Thailand’s biggest internet service provider’s proxy, enabling them to load their own code onto machines connecting to the internet, according to a technical expert’s analysis published Sunday.
Like all ISPs in Thailand, True Internet uses a proxy system to facilitate government censorship. Through that mechanism, hackers were able to load ads such as the “Bitcoin Duplicator” directly onto True users’ computers.
True has not officially acknowledged the problem, but it seemed to go away after details of the attack were published by Twitter users _Jacobfish and Sajal. Fish’s Twitter account has been suspended, but he maintains information about the attack on his Tumblr page. Users began complaining about the pop-up ads as early as October of last year, TelecomAsia.net reported.
Although the problem may have been fixed, the issue could continue for users until they delete their temporary files, as the malicious code can continue to run up to a year.
