According to the researchers from cybersecurity firm ESET, the newly discovered trojanized Tor browser has been spreading using two websites that claim to distribute the official Russian language version of the Tor Browser. The cybercriminals promoted the webpages of the fake browser on several Russian forums.
The scammers targeted people who purchased things on the dark web using cryptocurrencies. The Tor browser is a gateway to the darknet. It allows users to surf the internet anonymously as it hides the IP address of the system in a very secure way. The scammers promoted their fake Tor during the peak of the crypto market in 217-2018.
If a person places an order on the dark web using the fake Tor browser, the wallet’s address when transferring the fund would change to a different one, which belongs to the scammers. The fake version looks exactly the same as the original one. It is highly advised to purchase software from the source to avoid falling victims to such scams.