RATE Group | Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users
65815
post-template-default,single,single-post,postid-65815,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users

19 Oct Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users

Posted at 03:54h in Cryptocurrency News by

[ad_1]

A trojanized version of the Tor Browser is targeting dark web market shoppers to steal their cryptocurrency and tracks the websites they visit.

More than 860 transactions are registered to three of the attackers’ wallets, which received about $40,000 in Bitcoin cryptocurrency.

Careful impersonation

The malicious Tor Browser is actively promoted as the Russian version of the original product through posts on Pastebin that are have been optimized to rank high in queries for drugs, cryptocurrency, censorship bypass, and Russian politicians.

Spam messages also help the actor(s) distribute the trojanized variant, which is delivered from two domains claiming to provide the official Russian version of the software.

Cybercriminals were careful with selecting the two domain names (created in 2014) since to a Russian user they appear to be the real deal:

  • tor-browser[.]org
  • torproect[.]org – for Russian-speaking visitors, the missing “j” may be seen as a transliteration from…

[ad_2]

Source link

Tags:
, , , , , , ,