From Dark Web user fake Tor browser stole Bitcoins

From Dark Web user fake Tor browser stole Bitcoins

the news has spread that Cryptocurrencies like Bitcoin, anonymity-retaining browsers like Tor and underground platforms like the Dark Web have offered users a great opportunity to carry out their nefarious deeds online without getting caught. However, tables have turned now as hackers and spammers aren’t sparing Dark Web users.

A suspecious malicious version of the widely used Tor browser is spying on Dark Web users and stealing bitcoin from their wallets. It is worth noting that the privacy ensuring Tor browser is the main program used by many to access the Dark Web. 

This version of the widely used Tor browser is spying on Dark Web users and stealing bitcoin from their wallets. It is worth noting that the privacy ensuring Tor browser is the main program used by many to access the Dark Web. 

When the user clicks on the link provided on the page for downloading the updated version of Tor, another website appears containing the download link. When the infected Tor is downloaded and used, it starts spying on the user. When the user adds funds to the Bitcoin wallet or pays for any service on the Dark Web, the malicious Tor diverts the funds to the wallet controlled by the scammers by changing the target address.

ESET senior malware researcher Anton Cherepanov stated in a blog post that whatever the user does on the Dark Web is being tracked by the malicious Tor operators.

According to ESET, the fake Tor browser version was promoted back in 2017 and 2018 quite fiercely on many Russian forums and Pastebin accounts as the Russian language version of Tor. Interestingly, the Pastebin accounts so far have over 500,000 views.

Moreover, ESET researchers have discovered three bitcoin wallets that are used in this campaign. What’s alarming is the fact that this campaign has remained active for many years and the stolen amount may actually be higher than the reported one.

“It should be noted that the real amount of stolen money is higher because the trojanized Tor Browser also alters QIWI wallets,” added Cherepanov."

Tor browser is mostly used for accessing illegal goods/services on the Dark Web and most of the trading is carried out in virtual currency. The fake Tor is designed so genuinely that non-tech savvy users may not even notice any difference between the fake and original browser.

To know about latest happenings in technology industry check out other posts of GadgetsTricks.comThanks For Your Time !!