
Tor’s Lookalike Loots $400k in Crypto

Krishi Chowdhary, Journalist

A malware attack has hit the cryptocurrency space with a $400,000 crypto theft. Camouflaged as a Tor Browser installer, this clipboard injector malware stole approximately $400,000 in crypto from around 16,000 users worldwide, say Kaspersky researchers.

The Kremlin’s ban on the Tor Project, and the censorship that followed once the outright ban was removed, is said to have pushed up the number of Russian victims of the scam.

"The Tor Project called to help keep Russian users connected to Tor to circumvent censorship." - Vitaly Kamluk, Kaspersky Official

Responding to the scammers’ call, users started downloading trojanized Tor Browser bundles, which later led to this gigantic theft. These attacks follow an identical pattern: the targets download a trojanized Tor Browser from a third-party store. It comes as a password-protected RAR archive, which helps it skip security protection, and it includes a command-line RAR extraction tool.

Although the attack has affected users in 52 countries, most cases came from Russia, Ukraine, and the United States.

Once the download completes, the malware starts its work. It usually fools users by presenting itself with the icon of a common application. The malware monitors the victim’s clipboard data, and when it detects a crypto wallet address, it replaces that address with one controlled by the hacker.
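A defender-side illustration of the behaviour described above, added here and not taken from the article or from Kaspersky's research: it scans a time-ordered list of clipboard snapshots and flags a wallet address that is replaced by a different address of the same currency within a short window. The address patterns, the 2-second window, the function names and the sample data are all assumptions made for this example.

```python
import re

# Shape-only patterns (no checksum validation) for the four currencies the
# article names. Simplified assumptions, not taken from a wallet library.
B58 = "[1-9A-HJ-NP-Za-km-z]"
B32 = "[02-9ac-hj-np-z]"
ADDRESS_PATTERNS = {
    "bitcoin": re.compile(rf"(?:[13]{B58}{{25,34}}|bc1{B32}{{11,71}})"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "litecoin": re.compile(rf"(?:[LM]{B58}{{26,33}}|ltc1{B32}{{11,71}})"),
    "dogecoin": re.compile(rf"D[5-9A-HJ-NP-U]{B58}{{32}}"),
}


def classify(text):
    """Return the currency whose address shape `text` matches, else None."""
    for currency, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(text.strip()):
            return currency
    return None


def find_swaps(events, window=2.0):
    """Flag clipboard changes that replace one wallet address with a different
    address of the same currency within `window` seconds. `events` is a
    time-ordered list of (timestamp_seconds, clipboard_text)."""
    alerts = []
    for (t0, before), (t1, after) in zip(events, events[1:]):
        kind = classify(before)
        changed = before.strip() != after.strip()
        if kind and kind == classify(after) and changed and t1 - t0 <= window:
            alerts.append({"currency": kind, "copied": before.strip(),
                           "replaced_by": after.strip()})
    return alerts


# Constructed sample data: placeholder strings that only have the right shape.
ETH_A, ETH_B = "0x" + "a" * 40, "0x" + "b" * 40
BTC_A, BTC_B = "1" + "A" * 30, "1" + "B" * 30
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, ETH_A),   # user copies the payee's address
    (10.2, ETH_B),   # replaced 0.2 s later by another address: flagged
    (60.0, BTC_A),
    (300.0, BTC_B),  # a different address minutes later: normal use
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print("possible clipboard injection:", alert)
```

The same comparison works as a manual habit: after pasting a wallet address, check it character by character against the source before confirming the transfer.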

The Complex Calculation

The scammers seem to have worked hard to make the malware polished and functional. They protected it with Enigma Packer V4.0, which made analysis even more complex. The threat hunters computed the total losses by collecting numerous malware samples, unpacking them from Enigma, and extracting the crypto wallet replacement addresses.

Based on this calculation methodology, the crypto theft is estimated at $400,000 and spans several currencies: Bitcoin ($381,237), Ethereum ($4,833), Litecoin ($10,554), and Dogecoin ($570). Kamluk, the Kaspersky official, believes that the actual theft is even bigger, as the research focuses only on Tor Browser abuse. There may be other campaigns and other modes of malware delivery that have probably drained other digital wallets.

While the attack has been planned around a fundamentally simple concept, it may harbor more danger than one could imagine.

Experts have started exploring ways to prevent such crypto-stealing campaigns. For instance, they suggest downloading installers from the official Tor Project instead of third-party websites. These installers are digitally signed and are expected to be malware-free.

The primary concern is that the malware is passive, and heuristics can hardly detect it. More concerning still, the malware can hide silently on the user’s device for years. It may show no network activity and no other visible signs of its presence. The user may discover it only on the disastrous day when it finally steals their money, identity, crypto, or other digital valuables.
