Let’s say you live in Russia and want to use the Tor browser to anonymize your web browsing.
There is a problem.Many people in Russia do not have access to Tor’s official website. Blocked by ISP.
So what do you do?
Well you can try to find a place other than Tor official website Download Tor from
But can you trust versions of Tor downloaded from torrents or third-party sites?
according to report It may not be from Kaspersky, a Russian antivirus company.
sign up for newsletterSecurity news, advice and tips.
Kaspersky thugs say they’ve seen malware distributed as a copy of Tor that stole about US$400,000 worth of cryptocurrency from about 16,000 users worldwide.
According to the researchers, the booby-trapped installer provides Tor with a selection of regional language packs, including Russian.
Once installed, the malware snoops the Windows Clipboard.
Checking the clipboard for what appears to be a cryptocurrency wallet address, it replaces it with an address controller by the attacker.
In short, you may think you are transferring cryptocurrency to your wallet, but it is actually in the hands of cybercriminals.
ah.
I was amused to see Kaspersky’s team suggest a simple way to check if a system has been compromised.
Type or copy the following “Bitcoin Address” into Notepad.
bc1heymalwarehowaboutyoureplacethisaddressNow press Ctrl+C and Ctrl+V. If the address changes to something else — your system may be compromised by clipboard injector type malware and is dangerous to use.
I wouldn’t rely solely on that test to determine if my computer was compromised by clipboard-inserting malware, but it would be interesting to try.
When in doubt, it’s probably safest to always assume that your computer has been compromised.
Did you find this article interesting? Follow Graham Cluley on Twitter again Mastodon To read more about the exclusive content we post.
