Kaspersky, a cybersecurity company, reveals a group of criminals who have been stealing cryptocurrency through the use of Tor, a tool often associated with the dark web. The criminals use this tool to hide their digital footprint and intentions. According to reports, the operation has stolen approximately $400,000 worth of digital currency this year alone by using malware to target the online wallets of around 15,000 victims.
This cybercrime has affected 52 countries, with Russia being the most severely influenced. The scheme has also targeted several Western countries including the US, Germany, the UK, and France, as well as Asian countries such as China and Uzbekistan. Belarus, a key ally of the Kremlin, has also fallen victim to this cybercrime.
It appears improbable that political allegiances are driving the individuals or groups who stole several cryptocurrencies, such as Bitcoin, Ethereum, Litecoin, Dogecoin, and Monero, from digital wallets.
Suspicions have arisen that cybercriminals operate with impunity in Russia, as long as their targets exclude Russia or its allies. Nevertheless, Kaspersky proposes that Russia might actually be a primary target due to its citizens’ dependence on third-party services to access Tor, which is banned in the country. This is the same reliance that crypto-thieves exploit to perpetrate their thefts.
The disguised malware, which appears as Tor Browser, functions by replacing a portion of the clipboard contents with the attacker’s wallet address whenever it detects a wallet address in the clipboard. This technique has been utilized for more than a decade by banking trojans to replace bank account numbers, but it is now actively being used to target cryptocurrency traders and owners.
Story Credit
