Hoax Onion stealing Privacy for “years”


Crypto hackers have been active ever since Bitcoin and other cryptocurrencies began rapidly changing the face of the economy. The Bitcoin price rose twofold over the last year, and its fall since then has had little effect on these cybercriminals.

Researchers recently warned that cybercriminals have been using the well-known privacy browser Tor to spy on the movement of users' stored cryptocurrencies. Tor Browser is used to access underground .onion websites; faked versions of these websites and of the browser are pushed to inexperienced users through Pastebin and similar URL shorteners, with the help of malware.

The malware is promoted on two hoax websites, "tor-browser.org" and "torproect.org", which tell users that they need to update Tor Browser by installing the latest version. Once installed, the malware behaves the same way the real Tor Browser does. However, the cybercriminals changed hidden settings in the browser in order to spy on cryptocurrency movements and steal the funds; the fake version also disables further updates from the real Tor server. The browser setting xpinstall.required.settings has been tampered with, which lets the attackers add multiple add-ons to gain more access to the victim's digital-asset wallet and to compromise their anonymity.
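A defender can look for the two changes described above (add-on signature enforcement switched off, updates disabled) in the preference files of an installed copy. The following is an added example, not code from the article or from ESET. It assumes the setting the article calls xpinstall.required.settings is Firefox's `xpinstall.signatures.required`, that `app.update.auto` and `extensions.update.enabled` are the relevant update preferences, and that the preference files have already been extracted from the install; the sample input is constructed.

```python
import re

# Watched prefs and their expected values in a genuine build. The names are
# assumptions (standard Firefox prefs), not names quoted from the article.
EXPECTED = {
    "xpinstall.signatures.required": (True, "unsigned add-ons can be installed"),
    "app.update.auto": (True, "automatic browser updates are off"),
    "extensions.update.enabled": (True, "add-on updates are off"),
}

# Matches pref(...), user_pref(...), lockPref(...) and defaultPref(...) lines.
PREF_RE = re.compile(
    r'^\s*(?:user_pref|pref|lockPref|defaultPref)\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;',
    re.MULTILINE,
)

def parse_prefs(text):
    """Return {name: value}; a later definition overrides an earlier one."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(text):
    """List (pref, actual value, reason) for each watched pref that deviates."""
    prefs = parse_prefs(text)
    return [(name, prefs[name], why) for name, (want, why) in EXPECTED.items()
            if name in prefs and prefs[name] != want]

# Constructed sample, not taken from a real infected install.
SAMPLE = '''
// commented-out lines are ignored
pref("xpinstall.signatures.required", false);
pref("app.update.auto", true);
user_pref("app.update.auto", false);
pref("extensions.update.enabled", false);
pref("browser.startup.homepage", "about:tor");
'''

if __name__ == "__main__":
    for name, actual, why in audit(SAMPLE):
        print(f"[!] {name} = {actual}: {why}")
```

A clean result does not prove a build is genuine, since a modified browser can change behaviour without touching these preferences. Verifying the installer's signature against the Tor Project's published key remains the primary check.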

Additionally, HTTPS Everywhere is silently disabled while still appearing enabled to the user. It loads a script that automatically sends the user's browsing activity to the attacker through an attacker-controlled command-and-control (C2) server. The C2 payloads are written in JavaScript and target only 3 large Russian marketplaces.

According to ESET, this malware is available on all major platforms and has scammed users out of more than 4.8 bitcoin. One wallet contained 2.65 bitcoin at the time of its latest transaction, in September 2019.
