A Trojanized version of the Tor Browser is targeting shoppers of black marketplaces in the dark web, threat actors aim to steal their
At the time of writing, attackers have already stolen about $40,000 worth of Bitcoin through more than 860 transactions registered
Threat actors also optimized the posts promoting the malicious software to appear as top results for queries for drugs, censorship bypass, and Russian politicians.
Between 2017 and early 2018, crooks promoted the
The home page of both sites displays a warning to the visitors informing them that they have an outdated Tor Browser, even if the visitors are using the most up-to-date Tor Browser version.
“Your anonymity is in danger! WARNING: Your Tor Browser is outdated. Click the button “Update” reads the English translations.
When the users click on the “Update Tor Browser” button, they are redirected to a second website that delivers a Windows installer.
“No changes were made to source code of the Tor Browser; all Windows binaries are exactly the same as in the original version. However, these criminals changed the default browser settings and some of the extensions.”
The Trojanized Tor Browser has disabled the update feature to prevent victims from updating to a
“The most important change
Crooks also modified the HTTPS Everywhere
Using this trick, attackers are able to hijack payments by changing the wallet address of the
“As of this writing, the total amount of