A new report from cybersecurity firm ESET has discovered how cyber criminals have used a browser to steal digital money.
The researchers discovered that a trojanized version of an official Tor browser package has been used to enable hackers to steal over $40,000 worth of bitcoin. The Tor Project is a way for users to surf the web without being identified.
The internet browser was distributed via two websites created in 2014, claiming to be the official Tor Browser distributors. The people behind the ploy reportedly promoted their websites in 2017 and 2018 via Russian forums.
While the browser from the outset may have looked like the real thing, it had been modified by the hackers in a number of ways that would put users’ digital safety at risk.
One of the ways it had been modified was that it was triggered when the user visited three Russian dark web marketplaces. People on these marketplaces usually trade in bitcoin, making it even trickier to identify them.
When they visited these marketplaces and tried to make a purchase, the trojanized Tor browser automatically swapped the address of the people they were supposed to send money to an address controlled by the cyber criminals. This meant that the criminals and not the intended receiver got the money.
Copyright © 2018 RegTech Analyst