Through the years, Bitcoin and Tor have gone hand in hand due to their assurance of anonymity and privacy. But it seems that in the modern times of cyber crime even deep web users are not safe. A fake Tor Browser with 500,000+ hits has been identified.
It is alleged that the hackers used the fake Tor Browser to spy on its users and eventually steal their bitcoins.
When the malicious browser was opened, it redirected the dark web users to a website which stated that their version of Tor was outdated, even if the users had the latest version. The website then redirected the users to a supposed ‘download’ page which had a link to download the nefarious software. Once installed, the software started to spy on its users.
If the targeted dark web user made the grievous mistake of transferring Bitcoins (BTC) to their wallets, the hacker would go on to steal the transferred coins from the dark web user.
It’s been reported by ESET that the hackers managed to rob around 4.8 BTC, which is around $40,000! ESET also reported that the malicious software has been active since 2017 or 2018 and has been actively promoted on Russian forums and Pastebin accounts as a Russian-language Tor. The Pastebin accounts had more than 500,000 hits, which is pretty concerning.
The header of a paste that promotes fake Tor Browser websites:
BRO, download Tor Browser so the cops won’t watch you. Regular browsers show what you are watching, even through proxies and VPN plug-ins. Tor encrypts all traffic and passes it through random servers from around the world. It is more reliable than VPN or proxy and bypasses all Roskomnadzor censorship. Here is official Tor Browser website: torproect[.]org Tor Browser with anti-captcha: tor-browser[.]org Save the link Comrades
Moreover, the ESET investigators have found three Bitcoin accounts linked with the robbery. The concerning part is that the campaign has been going on for years and years. The stolen amount can be much more than what is reported.
Tor is used for gaining anonymity and accessing the deep web, which also includes the infamous dark web. Because of the extreme anonymity granted, it has become a hub of criminal activity such as the trading of drugs, arms, pornography etc. The fake Tor looks so genuine that even the most tech-savvy people will have a hard time differentiating between the two.
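A defender-side check for the lookalike domains in the paste quoted above, as an added example that is not from the article or from ESET. It assumes torproject.org is the genuine Tor Project domain (the article does not name it), uses a naive last-two-labels rule instead of the Public Suffix List, and all function names are illustrative.

```python
import re

# Assumption: torproject.org is the genuine Tor Project domain (the article does not name it).
OFFICIAL = {"torproject.org"}
BRAND_LABEL = "torproject"
BRAND_TOKEN = "tor"

def refang(indicator):
    """Turn a defanged indicator such as 'torproect[.]org' into a plain hostname."""
    return indicator.replace("[.]", ".").strip().lower().rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, computed one DP row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(indicator):
    """Return 'official', 'lookalike', 'brand-keyword' or 'unrelated'."""
    labels = refang(indicator).split(".")
    # Simplification: the last two labels stand in for the registrable domain;
    # production code should consult the Public Suffix List.
    if ".".join(labels[-2:]) in OFFICIAL:
        return "official"
    for label in labels:
        # Near-miss spelling, or the exact brand parked under another domain.
        if edit_distance(label, BRAND_LABEL) <= 2:
            return "lookalike"
    for label in labels:
        # Brand used as a separate word, e.g. joined to another term by a hyphen.
        if BRAND_TOKEN in re.split(r"[-_\d]+", label):
            return "brand-keyword"
    return "unrelated"

if __name__ == "__main__":
    # The first two indicators come from the paste quoted in the article; the rest are constructed.
    for d in ["torproect[.]org", "tor-browser[.]org", "www.torproject.org",
              "torproject.org.evil.example", "example.org"]:
        print(f"{d:32} {classify(d)}")
```

A "brand-keyword" result is a prompt for manual review, not a verdict, since unrelated sites can legitimately contain the word.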