Topic: Hackers targeting Tor - page 2. (Read 391 times)

The issue targets people that go on bad links and download exploited versions of the TOR browser which opens them up to exploits.

Download eveything off official websites. And make sure you verify everything from the offical tor website, and don't click bad links that might possibly include malware.

people seriously have to get into the habit of either compiling from sources or verify the things they download and it goes for everything. Tor also uses PGP signatures to sign their releases and they have a help page explaining how to do it here: https://support.torproject.org/tbb/how-to-verify-signature/
that simple move can easily solve a great number of issues (such as malware infections, losing data, losing bitcoin,...).

Though I am not using TOR browser, but I think hackers can't penetrate if you only update your browser. Because the hacker's version of the official TOR browser is a totally different app with the same content but with additional spyware. People who are security-wise wont get easily attacked by this kind of malware.

I Might as well research for the same kind of attack using different browser.

Though I find this a little bit ironic, this incident only shows the importance of downloading apps from official sites only and not be enticed easily by supposedly trusted fellow netizens with their app recommendations!

I think netizens should also exercise more vigilance and always be cautious to prevent these types of incident from happening again but I think this will never change until there are people who are gullible - the reason why this kind of intrusions will never stop! Imho.

Security awareness is a better protection than relying on what ESET said. Even if they didn't publish this, but you always verify the file signature then you should be fine.

you need:

• 8GB RAM minimum (really 12GB is the comfortable minimum)
• Intel VT-d or the AMD equivalent (forgot the name)
• Intel SLAT or the AMD equivalent (ditto)

There's a LiveDVD version, so that would test your pc's ability to run Qubes. You can also check the list of compatible computer models (the HCL) on https://qubes-os.org before trying.



Qubes can do this selectively though.

You can run Tor Browser (or any app) in a volatile ("disposable" in Qubes jargon) way, but if you want to run a different browser with cookies stored in it at the same time, that's also possible. Qubes uses Xen to sandbox different apps into separate virtual machines.

And every separate hardware device can be sandboxed to it's own virtual machine. So, attacks that target e.g. your network device cannot be used to compromise the overall OS, just the virtual machine the device runs in. All USB devices are similarly segregated to a VM, that can temporarily re-assign control of any specific USB port to another VM (which could be a disposable VM )

there are alot of different ways to use Qubes OS, as well as alot of new plans to enhance it. It's made for a pretty stable system since I've been a user, and I think the security benefits are what Bitcoin users need (you can keep e.g. hardware wallet very tightly controlled as to what websites are running when it's attached to your pc, or as I do, never attach the hardware wallet to an OS running any browser).

The standard VMs are Debian, Arch and Fedora, in case you're wondering (but any OS can be run in a more limited mode).

I have the TOR browser installed on my PC but used it for few times. Thanks for this, I have uninstalled it already and deleted all the necessary folders related to it.

I might test this sometime, thanks for sharing this too.

This is the same thing as running Tails alone from a DVD. You can install anything to the running live session (as long as ram permits) then just turn off the PC and all you added is gone.

I prefer Qubes + Tails, that assures me the correct TOR version.

Also, Tails route all network traffic travels through TOR, ensuring my anonymity and making it more difficult for hackers to target me.

I am so glad I am with ESET, they really good and make me feel protected. This is why you do not download anything that is not from the original site. Sometimes it is difficult not to if you are not paying attention. How often do people actually check the site they are on is the right one? This is why you always bookmark your sites to be sure.

the OS I use does that automatically every time you open a Tor Browser: https://qubes-os.org


It keeps a master copy of the Debian linux OS safely that's never used directly. Then when you want to use Tor Browser, it makes a temporary copy of Debian, and opens Tor Browser inside that. When you quit, the whole temporary copy is deleted, including any malware that it might have got infected with


been running this way for years now, no problems at all

In fact, I often use the Tor browser until now to surf the internet, I have to delete the Tor browser so I don't want it to happen that way before hackers spread the malware virus.

How could you be so clueless. This is tiresome, really.

Ever heard of people losing coins for downloading "compromised" wallets? Guess what, those were "official" too. Duh. They take the official thing, and add their malware, as it has been for decades. This used to be called Trojan, but could also be labeled phishing, as it usually involves a legit looking website (tho it could be simply infected files at a popular "downloads" site).

Tell you what, this means "hackers" are NOT attacking Bitcoin, not even the wallet. The ones attacked are the clueless people that download those dubious things in the first place. Its more social than technical...

Do you get it now or i have to spell it for you? This is NOT an "attack" to Tor, and is not "alarming" AT ALL, more like "duh, the usual windows trojan".


For starters don't use windows/osx/android/ios if you value security. Then we can go on with the important stuff, but at least that gets rid of 80% of the problem.

Tor is safe, Bitcoin is safe. Humans are not safe, humans fooled by other humans into downloading fake or tainted software, are not safe. Infamous layer 8...

Fortunately I've never use Tor but this is a very alarming issue for everyone inside or outside of crypto space, given that the compromised version is the official Tor browser itself which make hard for a regular user to notice and it's been running for many years   No wonder why the case of stolen Bitcoin is increasing.

Good thing they also share it on Facebook.

https://www.facebook.com/404460532994922/posts/2509439352497019/


Geez, we are all clueless that ToR had already been attacked by hackers for years. What else could be next then?

As always I think cybersecurity is a subject that is highly underconsidered by the general users. Informational campaigns should be promoted more in the crypto communities as we're  the sole responsibles for our software/hardware wallets unless we keep them within a custodian.

Remember that hackers are always working in the background and they become smarter and sneakier by the day. Precaution is law in this game.

This is a very sensitive issue and I thank you for sharing it. Hackers are very desperate just to access and stole our hard earned bitcoins and other cryptocurrency. Aside from sending phishing link, cryptojacking virus, keylogger, Bitcoin address switcher, ransomware now we have this distributed fake TOR app. What was alarming is that the ESET anti-virus company  have verified that it was operating for years already. We can just wish that all cryptousers be vigilant and I advise that we use a different pc or mobile for cryptocurrency and for other apps, this way we can be more secured that if our pc or mobile will be infiltrated the pc and mobile with our crypto logins will not be infected/infiltrated.

I think to download the most common stuff from the internet is the easiest way to get someone an infected file. As technological advances sprout everywhere and continuous, new methods are being developed to hack cryptocurrency funds. I want to say that thank you for giving a reminder because sometimes we become so relaxed with what we currently have, and we will never know once we have been attacked.

Being tracked with search engines could also be a thing. Make sure you are utilizing a good engine. Like duckduckgo perhaps.

Thanks for sharing I think Hackers have entered an all new world of hacking now and without regulations these things are much more prone when it comes to Cryptocurrencies. But as far as I think a little vigilance on our part can really save us from most of the scams.
I think before the phase of 2017 which was the phase when bitcoin came to popular light most of the users used tor to maintain anonymity to ensure they are hidden from authorities and hackers but they never thought that this is making them much more prone.

This problem has been going on for years and it is only now that it has been exposed to the light? Wow, that can be a big testament to the genius of the people behind the distribution of the fake TOR browser. People usually associate the TOR browser with privacy, anonymity and of course safety. So it makes sense for the perpetrators to fake the whole thing and lead people to believe that they are downloading the real, genuine TOR when in fact they are not and they are now victimized. How  many people and how much cryptocurrencies have been stolen by this malware remains to be seen. I am not using TOR but I am quite thankful that this infection has been brought to the open. We should really be careful with anything we are downloading.