
OnionPoison – Infected Tor Browser Distributed Through YouTube.

OnionPoison

Kaspersky security researchers have found numerous infections caused by an infected Tor Browser installer. The campaign is named OnionPoison, and the installer was distributed through a Chinese-language YouTube video about cyber-criminals and the dark web.

The channel has more than 180,000 subscribers, and the video has been viewed more than 64,000 times. This is especially troubling for Tor users, because Tor Browser is an anonymity-focused browser that also serves as an access point to the Dark Web.

Tor Browser is a free and open-source web browser based on Mozilla Firefox. It is designed to protect your privacy and security when you browse the web.

Tor Browser relays your web traffic through a network of servers, which makes it impossible for anyone to monitor your online activities. It is available for Windows, macOS, and Linux.

Tor is an abbreviation of “The Onion Router”. The Tor network is an internet service provider. The Tor system was first designed at the US Naval Research Laboratory to enable secure communication between federal agencies.

The Tor network consists of volunteer-run servers that route internet traffic through encrypted tunnels. This makes it impossible for anyone else to track your online activity or to pinpoint your place of residence.

TOR’s connection with China

It is important to note that Tor Browser is not permitted in China, so Chinese residents frequently resort to creative methods to download it, mostly through third-party websites. This makes them more susceptible to being tricked into downloading a malicious installer. The worst part is that the majority of affected users do reside in China.

TOR Installers: Original vs Malicious

The link to this altered version was published at the beginning of January 2022 on an online channel that advocates anonymity on the internet. The channel is Chinese-language, and the installer was hosted on a Chinese cloud-sharing platform.

The major difference between the genuine version and the altered one is the digital signature, which was absent from the malicious files; some files also differed from those in the original. In addition, the version analyzed by Kaspersky is less secure than the original version.

Malicious YouTube video warned by Kaspersky

According to Kaspersky’s advisory, the shady YouTube video has been spreading an altered variant of Tor Browser that can collect sensitive data from people in China. This includes browsing history as well as data that the user enters into web forms.

The browser gathers data, and spyware hidden in an accompanying library gathers further information such as the computer name, the user name, the location and the MAC addresses of network adapters. It then transmits this information to a C2 (command-and-control) server.

In addition, it has an embedded feature that can execute shell commands, giving the attacker full control over the victim’s device. The video’s description contains a link to the infected Tor Browser.

The fraudsters seem keen on obtaining victims’ personal details, such as social network identification numbers, Wi-Fi network names, and browsing history, in order to locate them and uncover their identities.

“The attackers can gather information on the victim’s personal life, his family or home address. Additionally, there are cases when the attacker used the obtained information to blackmail the victim.”

Kaspersky

Researchers are warning both individuals and businesses not to download software from third-party websites, to avoid becoming the target of fraudsters. When software can’t be downloaded from official sites, it is crucial to confirm the authenticity of the installer before using it. Be sure to check digital signatures before installing any software or application.
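The missing digital signature described above can be detected before an installer is ever run. The following Python script is an added example, not code from Kaspersky or the Tor Project: it reads a Windows PE header and reports whether an Authenticode certificate table is present. It assumes the installer is a Windows executable; the function names and the sample header built inline are constructed for illustration.

```python
import struct

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table

def authenticode_present(data: bytes) -> bool:
    """True if a PE image declares a non-empty certificate table.
    Presence only: the signature and its signer are NOT validated here.
    Raises ValueError when the input is not a well-formed PE header.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (opt_size,) = struct.unpack_from("<H", data, pe_off + 20)
    opt_off = pe_off + 24  # 4-byte signature + 20-byte COFF header
    opt_end = opt_off + opt_size
    if opt_size < 2 or opt_end > len(data):
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", data, opt_off)
    rel = {0x10B: 96, 0x20B: 112}.get(magic)  # PE32 / PE32+ directory offset
    if rel is None or opt_off + rel > opt_end:
        raise ValueError("unsupported optional header")
    (num_dirs,) = struct.unpack_from("<I", data, opt_off + rel - 4)
    entry = opt_off + rel + 8 * SECURITY_DIR
    if num_dirs <= SECURITY_DIR or entry + 8 > opt_end:
        return False  # no slot for a certificate table at all
    # Unlike the other directories, this one holds a file offset, not an RVA.
    file_off, size = struct.unpack_from("<II", data, entry)
    return file_off > 0 and size > 0 and file_off + size <= len(data)

def build_sample_pe(signed: bool) -> bytes:
    """Constructed minimal PE32+ header for the demo, not a real installer."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)  # NumberOfRvaAndSizes
    image = bytearray(bytes(dos) + b"PE\0\0" + coff + bytes(opt))
    if signed:
        struct.pack_into("<II", image, 0x40 + 24 + 112 + 32, len(image), 16)
        image += b"\0" * 16  # placeholder bytes standing in for a certificate
    return bytes(image)

if __name__ == "__main__":
    for label, flag in (("signed sample", True), ("unsigned sample", False)):
        print(label, "->", authenticode_present(build_sample_pe(flag)))
```

A missing certificate table is a reason to stop. A present one still has to be validated with the operating system's verifier, such as PowerShell's Get-AuthenticodeSignature, and its signer compared with the publisher you expect.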

Tor Browser: How do I download it?

Tor Browser, as we know, is available for Windows, macOS, Linux and Android. To download Tor Browser, visit the official website at Torproject.org. On the site, select “Download Tor Browser.” Choose the appropriate version for your system and follow the steps to finish the installation.

Once you’ve installed Tor Browser, launch it and click “Connect.” That’s it! Now you can browse in complete anonymity. Be aware that because Tor secures your data, your internet connection might be slower than normal. However, rest assured that your security and privacy are worth the cost.

Mobile Security with SYC Secured Smartphone

SYC Secured Smartphone is a trustworthy partner that keeps business data confidential and secured from cyber attackers with its highly advanced secure algorithm. Leveraging highly talented security advisors, Secure Your Call delivers top-notch mobile security solution services with minimal risk of data theft.

As part of the data security industry, SYC Secured Smartphone has launched two advanced and highly secured phones, the Samsung Galaxy S22 Ultra and the Samsung Galaxy S22+, that keep your personal and professional data secured from any kind of cyber-attack. Connect now to inquire about device features.
