Home » Fake and Malicious Tor Browser Spies and Steals Bitcoin From unaware Darknet Users

Fake and Malicious Tor Browser Spies and Steals Bitcoin From unaware Darknet Users


Distribution of a compromised official Tor Browser version has been going on courtesy of unrelenting hackers.

Fortunately, ESET — a Major antivirus software supplier — was able to unearth a trojanized Tor Browser that was capitalizing on malicious tools to spy and even steal Bitcoin (BTC) from users.

Oct. 18, WeLiveSecurity, ESET’s editorial division, reported that since 2017, the fake Tor Browser which was being distributed via two websites was swapping the original crypto addresses and subsequently stealing cryptocurrency from darknet shoppers especially those in Russia.

The two fake Tor Browser websites that mimicked anonymous browser’s real website, torproject.org, were torproect[.]org and tor-browser[.]org – which came about in 2014.

To lure users into downloading the fake version that contains malware, these websites will show a message that the visitors need to update their outdated Tor Browser version, even when they have a Tor Browser version, which is up-to-date according to the Slovakian software security firm.

A substantial amount of Bitcoin stolen

Distribution of the newly discovered malware seems to have taken place on Windows, but mobile, Linux, or macOS versions were not affected.

Once installed, the malicious Tor Browser will swap the crypto addresses of users automatically to criminals-controlled addresses.

So far, 4.8 Bitcoin is the total amount of received funds that three wallets that took part in the campaign possessed. At press time, there was 2.66 BTC in one of the wallets.

Besides bitcoin, ESET claimed that QIWI wallets were also altered and money stolen from it.

Similar threats

Another kind of malware known as “Metamorfo,” or “Casbaneiro” was flagged by ESET in early October after it was found to be facilitating crypto stealing. Banks and crypto services situated in Mexico and Brazil were the primary targets of the banking trojan – and up to now, 1.2 BTC has allegedly been stolen.

Many warnings concerning security breaches that could result in potential money losses had previously been given to Tor Browser users.

One common crypto exchange, LocalBitcoins, even warned that Tor Browser exposes Tor users to a possible bitcoin stealing.

Creators are able to know the websites a user usually visits, and even change the data on visited pages with the malware-laden browser.

Sources: https://cointelegraph.com/news/fake-tor-browser-steals-bitcoin-from-darknet-users-warns-eset

About the author

James Lovett

James Lovett

James is a passionate writer on cryptocurrency industry and other disruptive technologies in the crypto world. He has written several crypto articles for numerous websites and blogs over the years.

Add Comment

Click here to post a comment

The following GDPR rules must be read and accepted:
This form collects your name, email and content so that we can keep track of the comments placed on the website. For more info check our privacy policy where you will get more info on where, how and why we store your data.