Mevade

Pierluigi Paganini March 08, 2014
Tor network is increasingly attractive for cybercrime

Cyber criminals are abusing even more Tor Network for illegal activities, from botnet management to money laundering, the number of services is increasing. Tor network is even more used by cyber criminals to cover their illegal activities, the Tor community has observed, for example an alarming increase in the number of malware that abuse of […]

Pierluigi Paganini January 22, 2014
Sefnit botnet-Microsoft has silently uprooted Tor Browser from more than 2 Million PC

Microsoft has uprooted Tor Browser from more than 2 Million Systems to eradicate Sefnit botnet. It has done it silently without user agreement. It was August 2013 when security experts noted a spike in Tor traffic network caused by cybercriminals activities, the malware specialists discovered a botnet based on Mevade malware, in mid-August the number […]

Pierluigi Paganini December 19, 2013
ChewBacca, the last Tor-based banking trojan

Kaspersky Lab experts have discovered a new Tor-based banking trojan named “ChewBacca”, it is the last malware exploiting Tor network. Tor network is a territory of exploration for cybercriminals that are increasing their attention in the popular anonymizing network for make more resilient malicious botnets. The principal advantages for adoption of hidden service in a […]

Pierluigi Paganini November 27, 2013
New crimekit Atrax exploits Tor, mines Bitcoin and much more

Atrax, yet another commercial crimekit on the black market, a malware able to exploit Tor and that implements numerous features including Bitcoin mining. Atrax is the name of the last crimekit that is sold in the underground market, its particularity is the capability to exploit Tor networks to communicate with Command & Control infrastructure. Jonas […]

Pierluigi Paganini September 08, 2013
Mevade botnet responsible for the spike in Tor traffic

Security researchers at Fox-IT firm found evidence that the spike in Tor traffic is caused by a Mevade botnet that hides its C&C in the anonymizing network. Is the Mevade malware the real responsible for the spike observed in the number of users directly connected to the Tor network? In an article I wrote recently I analyzed the impact on the use […]