Author

Topic: Tor Proxy Steals Bitcoin from Victims (Read 174 times)

hero member
Activity: 3052
Merit: 651
February 04, 2018, 12:37:49 PM
#5
That is scary.

But they cannot enter through your files if they are just websites right?
I am using a lot of different VPN's and I dont want this happening to me.
If it is just a website browser then it is just the address of the owner of the website which is being changed. How come there will be blackmails if they cannot enter thru your computer. It is just confusing me a little.
This people behind this are good if they can create a way to change it somehow.
full member
Activity: 504
Merit: 100
February 04, 2018, 12:32:05 PM
#4
oh thats sounds scary, id better use tor browser than tor proxies that way youl be safe moat of the tine

I have already read this information. Be very cautious when you use these anonymizers, VPN services and TOR. If you do not know how they work and do not protect you, you can become a victim of hackers.
full member
Activity: 490
Merit: 100
February 02, 2018, 11:06:00 AM
#3
oh thats sounds scary, id better use tor browser than tor proxies that way youl be safe moat of the tine
legendary
Activity: 2114
Merit: 1293
There is trouble abrewing
February 02, 2018, 11:01:03 AM
#2
"onion.top" and similar services are "websites" what i don't understand is how using these websites to access .onion websites infects your computer with ransomware?!

edit:
never mind that! i guess what OP copy pasted here without link was vague. at least for me Tongue
these "Tor-to-web proxy services" are simply replacing the bitcoin address in the website you visit. and it happens to be used mostly by victims of ransomare.
https://www.bleepingcomputer.com/news/security/tor-to-web-proxy-caught-replacing-bitcoin-addresses-on-ransomware-payment-sites/
jr. member
Activity: 770
Merit: 1
February 02, 2018, 10:51:58 AM
#1
Tor proxy service extorts money from victims and asks their victims to pay in bitcoins. So that they can escape from authorities. If a victim is not able to install the Tor browser used to access the deep web’s .onion domains, operators ask them to use a Tor proxy, such as onion.top or onion.to.

Tor proxy services allow access to .onion websites using a standard browser such as Google Chrome, Edge, or Firefox, regardless of the .top or .to extension at the end of each Tor URL. These services are becoming increasingly popular among ransomware authors.

According to cybersecurity firm Proofpoint, at least one of these services, onion.top, has replaced the Bitcoin payment address of the ransomware with its own. According to research, the state has secretly done so and has apparently made more than $ 22,000 from the move.
Onion.top did this after noticing a ransomware strain which warned users not to use Onion.top services. It reads:

“DO NOT USE ONION.TOP, THEY ARE REPLACING THE BITCOIN ADDRESS WITH THEIR OWN AND STEALING BITCOINS. TO BE SURE YOU’RE PAYING TO THE CORRECT ADDRESS, USE TOR BROWSER.”

According to reports, the authors are behind the burdens of ransomware, which counteract the movement of onion.top in many ways. Most try to get users to fully see Tors proxy services and simply pay with the Tor browser. Others, such as MagniBer, decided to divide the bitcoin payment address shown to the victim with various HTML tags to avoid automatic replacement.
The victims, who decide to pay the ransom and send their money to the Tor Proxy Service, do not pay the ransomware blackmailers and have probably not, deciphered their files.
Jump to: