The researchers of the IT security company ESET have recently discovered a new way that hackers use to invade people’s computers. According to them, several hackers have been distributing a malicious version of the Tor Browser, which is generally used to access the deep web or to browse incognito.
This malicious version, however, is set to steal cryptocurrencies from the users and to spy on their computers. So far, the trojan has only led users to lose a very small amount of Bitcoin, but the problem is serious, so the researchers warned the users to be careful when using the software.
According to the researchers from ESET, the tokens are generally taken because the hackers change the address of the wallets when the user tries to make a payment using the fake browser.
Anton Cherepanov, the senior malware researcher at the company, affirmed that the wallets belonging to the criminals have received several transactions, however, most of them had small values. So far, the wallets have received only about 4.8 BTC ($38,700 USD), a huge gain for the hackers, but not a huge loss to people, as these transactions came from many different victims. He added;
“Each such wallet contains relatively large numbers of small transactions; we consider this a confirmation that these wallets indeed were used by the trojanized Tor Browser.”
Initially, the hackers targeted Russian users and then they decided to target other victims as well. The malicious software is being distributed by forums, according to Tor. The victim is generally redirected to one of two sites. The first site affirms that their software is out of date and they have to change it. This is when the victims get into the second site, in which they can download the fake app.