Fake Tor Browser Steals Bitcoin From Darknet Users, Warns ESET

Major antivirus software supplier ESET has discovered a trojanized Tor Browser designed to steal Bitcoin (BTC) from buyers on the darknet.
Fake browser distributed via 2 websites
Targeting users in Russia, the fake Tor Browser was distributed via two websites and has been stealing from darknet shoppers by swapping the original crypto addresses since 2017, ESET’s editorial division WeLiveSecurity reported Oct. 18.
Created back in 2014, the two fake Tor Browser websites — tor-browser[.]org and torproect[.]org — are mimicking the real website of the anonymous browser, torproject.org. 
According to the Slovakian software security firm, these websites display a message that users have an outdated version of Tor Browser even if they have the most up-to-date Tor Browser version, offering to download the fake version containing malware.
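The two lookalike domains above differ from torproject.org in different ways: one drops a single letter, the other reuses the brand words. The following sketch is an added example, not code from ESET or the Tor Project; it shows one way a defender could triage hostnames from proxy or DNS logs against the real domain. The keyword list, the distance threshold of 2, and every sample hostname other than the three named in the article are assumptions.

```python
import re

LEGIT = "torproject.org"   # the real site named in the article
BRAND = "torproject"
BRAND_TERMS = {"tor", "torbrowser", "torproject"}  # assumed keyword list

def refang(indicator):
    """'torproect[.]org' -> 'torproect.org' (reports defang indicators)."""
    return indicator.strip().lower().replace("[.]", ".").rstrip(".")

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # adjacent transposition, e.g. "torporject" for "torproject"
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]

def classify(indicator):
    """Return 'legitimate', 'typo-lookalike', 'brand-keyword-lookalike' or 'unrelated'."""
    host = refang(indicator)
    if host == LEGIT or host.endswith("." + LEGIT):
        return "legitimate"
    # Check every label except the TLD, so brand words placed in a
    # subdomain of an unrelated registrable domain are also flagged.
    for label in host.split(".")[:-1]:
        squashed = re.sub(r"[-_]", "", label)
        if squashed in BRAND_TERMS or set(re.split(r"[-_]", label)) & BRAND_TERMS:
            return "brand-keyword-lookalike"
        if 0 < osa_distance(squashed, BRAND) <= 2:   # assumed threshold
            return "typo-lookalike"
    return "unrelated"

if __name__ == "__main__":
    # First three hosts come from the article; the rest are constructed samples.
    samples = ["torproject.org", "torproect[.]org", "tor-browser[.]org",
               "www.torproject.org", "torproject.org.example.net", "example.org"]
    for s in samples:
        print(f"{s:32} {classify(s)}")
```

A hit from either rule is a prompt to review the hostname, not proof of malice, since short brand words such as "tor" also occur in unrelated names.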
Over $40,000 stolen in
According to the firm, the newly discovered malware has been distributed for Windows, while there are no signs that the same websites have distributed Linux, macOS or mobile versions.
After being installed, the malicious Tor Browser automatically replaces users’ addresses with addresses controlled by the criminals.
According to ESET, the total amount of received funds for all three wallets allegedly involved in the campaign accounted for 4.8 so far. One of the reported wallets contains 2.66 BTC at press time with the latest transaction in September 2019. 
In addition to Bitcoin, the campaign has also been stealing money by altering QIWI wallets, the firm said.
Related warnings
In early October, ESET flagged another form of malware stealing from users. Called “Casbaneiro” or “Metamorfo,” the banking trojan targets banks and crypto services located in Brazil and Mexico and has allegedly stolen 1.2 BTC to date.
Meanwhile, Tor Browser users have already been warned about potential money losses due to security breaches. In mid-September, Finnish peer-to-peer exchange LocalBitcoins warned Tor users about the risks of using Tor Browser, claiming that Tor Browser exposes them to the risks of having their stolen.
