specifically this is how QUANTUMINSERT worked (from the Snowden leaks.) also China used the same technique, injecting malicious JS through the GFW to get bystanders to DDoS github, in a much more obvious and indiscriminate way.
nobody here is remotely likely to be targeted by NSA, of course, but you can actually do such attacks on a budget if you compromise any router in the chain. combined with a BGP hijack it’s not far out of reach for even a ransomware gang to pull something like that these days.
specifically this is how QUANTUMINSERT worked (from the Snowden leaks.) also China used the same technique, injecting malicious JS through the GFW to get bystanders to DDoS github, in a much more obvious and indiscriminate way.
nobody here is remotely likely to be targeted by NSA, of course, but you can actually do such attacks on a budget if you compromise any router in the chain. combined with a BGP hijack it’s not far out of reach for even a ransomware gang to pull something like that these days.