Researchers at ESET have uncovered a malicious version of the Tor browser used to access the dark web – which steals the user ‘s Bitcoin.
According to ESET, the bad actors were able to steal more than $40,000 worth of Bitcoin. But how?
Scammers used the trojans version of the official Tor browser. The fake browser redirects users to two sites that claim the user version of Tor is out of date. Experts argue that this happens even if the browser is the most up-to-date version.
When a user selects the “update your browser” link on a fake page, they are redirected to another site where they are told they can download the update.
ESET claims that these sites and fake browser Tor were promoted in 2017 – early 2018 – during the run of crypto “bull” – in various Russian forums. The false browser informed the user that it was the official Russian-language version of Tor.
Criminals also used Pastebin service accounts to advertise their fake Tor websites and urged users to download software onto their computer to evade government surveillance. Pastebin ‘s criminal accounts have been viewed more than 500,000 times.
When users of an infected browser transferred funds to their Bitcoin wallet or paid for goods in dark web markets, the browser changed the address of the wallet owner to the address of the offender.
ESET experts have identified more than three Bitcoin wallets used in this campaign. At the time of the pebble notes, the wallets 4.8 received by BTC, about $40.
It ‘s also a pretty dangerous strategy. To access dark sites it is necessary to use Tor .Hakers were sure that there is a high probability that Tor users will probably use Bitcoin aswell.
Whatever the problem, always download the software only from the developer ‘s official website.