Bitcoin is a favorite target of darkweb hackers

Hit Brother

5 years ago

Bitcoin and other major cryptocurrencies have become a favorite target of hackers and scammers in recent years, spurred by the bitcoin price explosion.

The bitcoin price, up two-fold since the beginning of the year, has fallen back somewhat recently–though not enough to put off cyber criminals.

Now, researchers are warning a version of the widely-used, privacy-focused Tor Browser has been used to spy on users and steal their bitcoin.

The total amount of confirmed stolen funds has been put at 4.8 bitcoin–worth almost $40,000 at current prices–though experts from cyber security company ESET have cautioned the real amount could be far higher with the campaign running unnoticed for many years.

“This malware lets the criminals behind this campaign see what website the victim is currently visiting. In theory, they can change the content of the visited page, grab the data the victim fills in to forms and display fake messages, among other activities. However, we have seen only one particular functionality–changing the bitcoin and cryptocurrency wallets,” said Anton Cherepanov, ESET senior malware researcher.

The trojanized version of the Tor Browser, which is most often used to access the so-called dark web where people can buy illicit goods and services in exchange for bitcoin, has targeted Russian-speaking users of the anonymous Tor network and is disguised as the official browser–with Cherepanov warning “non-technically savvy people probably won’t notice any difference between the original version and the trojanized one.”

'); var s = document.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = 'https://ad.admitad.com/shuffle/289c251618/'+subid_block+'?inject_to='+injectTo; var x = document.getElementsByTagName('script')[0]; x.parentNode.insertBefore(s, x); })();

Are you interested in Blockchain Technology? Click Here

ESET researchers found the malware is targeting three of the largest Russian-speaking dark web markets, altering the details of popular Russian money transfer service QIWI or bitcoin wallets located on pages from these markets.

When a user visits their profile page in order to add bitcoin to their dark web market the compromised Tor Browser swaps the original bitcoin address with one controlled by criminals.

“During our investigation, we identified three bitcoin wallets that have been used in this campaign since 2017. Each such wallet contains relatively large numbers of small transactions; we consider this a confirmation that these wallets indeed were used by the trojanized Tor Browser,” said Cherepanov.

“It should be noted that the real amount of stolen money is higher because the trojanized Tor Browser also alters QIWI wallets.”

As bitcoin and cryptocurrencies have become more widely used and their value has climbed, bitcoin scams and cyber attacks have increased.

Earlier this week, researchers warned a strain of malware designed to try to extort victims, dubbed “Save Yourself,” could potentially compromise bitcoin wallets.

The bitcoin price has risen sharply since early 2017, making cyber criminals keen on bitcoin and other major cryptocurrencies

Meanwhile, the cryptocurrency industry was dealt a blow earlier this week when it was revealed pedophiles around the world had been swapping images of child abuse for bitcoin on the dark web in one of the largest child pornography busts ever.