
BlockSafe News https://www.bankinfosecurity.com



Post# of 82686
(Total Views: 443)
Posted On: 10/21/2019 11:33:50 AM
Posted By: CyberC
BlockSafe News

Malicious Tor Browser Fleeces Darknet Users of Bitcoins
Cybercriminals Have Stolen About $40,000 So Far, Researchers Say


Cybercrime, Fraud Management & Cybercrime

A newly uncovered criminal scheme is using a trojanized version of the anonymized Tor browser to fleece darknet users of their bitcoins, according to research released Friday from security firm ESET.

Between 2017 and 2018, the unknown criminal gang advertised the webpages of this trojanized Tor browser using spam messages on various Russian-language forums. Over several months, these webpages received about 500,000 page views, with the gang able to collect about $40,000 in stolen bitcoins through the scheme, the ESET researchers say.

Using the anonymizing Tor browser is essential for those users that want to reach these various darknet and dark market websites. These sites typically only accept payment in pseudonymizing cryptocurrency such as bitcoin.

In the case that ESET researchers uncovered, the cybercriminals advertised their malicious Tor browser on various Russian-language forums as well as Pastebin. As part of the ruse, the gang advertised their offering as the "official Russian language version of the Tor Browser," according to ESET.

As part of the scam, the criminal gang used two domains, "tor-browser[.]org" and "torproect[.]org," which were similar to the official Tor project domain, the report notes. In one case, the "j" was missing, ESET researchers found.

"For Russian-speaking victims, the missing letter might raise no suspicion due to the fact that 'torproect' looks like a transliteration from the Cyrillic," according to the research note.

Spamming Tor Users
This particular scam starts with spam messages sent to Tor browser users who are mainly Russian speaking, according to ESET. These messages contain various topics related to darknet and other underground forums, including information about cryptocurrencies, internet privacy and censorship, ESET found.

In some cases, these messages mention Roskomnadzor, a Russian government entity that is known for censorship, according to ESET.

These spam messages also contain links back to the phony webpages that resemble the official Tor project, but are actually controlled by the criminal gang, ESET finds. It's there that the users are encouraged to download an updated version of Tor, which is actually the trojanized version of the application created by the gang.

Spoofed page advertising the trojanized Tor browser (Source: ESET)
The malicious browser is actually based on Tor Browser 7.5 - a version of the app released in January 2018. "Thus, non-technically-savvy people probably won't notice any difference between the original version and the trojanized one," the ESET researchers say.

Trojan Browser
The trojanized Tor browser works much like the real version of the browser. The difference, however, is that the cybercriminals changed some default browser settings and extensions, ESET researchers say.

The changes prevent the user from updating the trojanized version of Tor to the legitimate one. In addition, the malicious version has changes to the xpinstall.signatures.required setting, which then allows the gang to make additional add-ons.

Finally, the HTTPS Everywhere add-on has been tampered with, which then allows the trojanized browser to connect to a command-and-control server hosted on the darknet, ESET finds.

If a user attempts to make purchases on one of three Russian-language darknet forums, the command-and-control server will send out a JavaScript-based payload that alters settings on the target's digital currency wallet, and then transfers bitcoins to the attackers, ESET found.

This same transfer process also happens if the target attempts to use QIWI, a Russian money transfer service.

While ESET researchers believe that the malicious pages that host the trojanized Tor browser have been visited about a half million times over the last several years, it's not clear if this is all the activity associated with this particular criminal scheme, and the amount of cryptocurrency stolen could be much higher.



WORDS TO LIVE BY:

Never argue with stupid people, they will drag you down to their level and then beat you with experience.


Get .... PrivacyLok https://cyberidguard.com/

Try SafeVchat: https://cyberidguard.com/

My comments are only my opinion and are not to be used for investment advice.

Please conduct your own due diligence before choosing to buy or sell any stock.
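
A defensive check for the lookalike download domains described in the article, as an added example that is not part of the original post or of ESET's research. The official domain torproject.org, the keyword list and the distance threshold are assumptions; the two suspicious domains are the ones quoted in the article, and the other samples are constructed.

```python
OFFICIAL = "torproject.org"        # official Tor Project domain (assumption: not named in the post)
KEYWORDS = ("browser", "project")  # assumption: words a lure is likely to pair with "tor"

def refang(indicator):
    """Turn a defanged indicator such as torproect[.]org into a plain domain."""
    return indicator.strip().lower().replace("[.]", ".").rstrip(".")

def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours count once
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(indicator, max_distance=2):
    """Return 'official', 'typosquat', 'brand-keyword' or 'unrelated'."""
    domain = refang(indicator)
    if domain == OFFICIAL or domain.endswith("." + OFFICIAL):
        return "official"
    # Registrable label, assuming a single-label TLD such as .org
    label = domain.rsplit(".", 1)[0].split(".")[-1]
    if edit_distance(label, OFFICIAL.split(".")[0]) <= max_distance:
        return "typosquat"      # e.g. the missing "j" in torproect
    squeezed = label.replace("-", "")
    if squeezed.startswith("tor") and any(k in squeezed for k in KEYWORDS):
        return "brand-keyword"  # far from the real name but built from its words
    return "unrelated"

# The two domains quoted in the article, plus constructed controls
SAMPLES = ["torproect[.]org", "tor-browser[.]org", "www.torproject.org", "example.org"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:22} {classify(sample)}")
```

The edit-distance rule catches the dropped letter, while the keyword rule is what flags the hyphenated domain, which is too far from the real name for a distance threshold alone.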
