Submitted via IRC for SoyCow1984
Fake Russian Tor browser purloins $40,000 in Bitcoin from dark web shoppers
Researchers from cybersecurity firm ESET have uncovered a malicious version of the Tor browser – the program used to access the dark web – and it's been stealing user's Bitcoin.
According to ESET, the bad actors were able to steal more than $40,000 worth of Bitcoin. But how?
The scammers have been using a trojanized version of an official Tor browser package. The bad browser redirects users to two websites which claim the user's version of Tor is out of date. Researchers say this happens even if the browser is the most up-to-date version.
When a user clicks on the "update" link on the nefarious page, they are redirected to another website where they are told they can download an update.
ESET says these websites and the malicious Tor browser was promoted in 2017 and early 2018 – during the infamous cryptocurrency bull run – on various Russian forums. The fake browser claimed to be the official Russian language version of Tor.
The scammers also used Pastebin accounts to promote their fake Tor websites, and encourage users to download the software to evade government surveillance. The associated Pastebin accounts have been viewed more than 500,000 times.
(Score: 3, Informative) by mobydisk on Monday October 21 2019, @05:23PM
Well that was a loaded statement!
Saying Tor is "the program used to access the dark web" certainly paints it differently than if they had said "the program used to protect Chinese citizens from government spying." One can access the "dark web" without Tor. And Tor has other uses. Would it be fair to say "Ginsu, the knives used to cut people's throats." Certainly, a Ginsu knife could be used for that purpose, but branding that as though it is the one and only thing used for that purpose is unjust.