The bitcoin price, up two-fold since the beginning of the year, has fallen back somewhat recently–though not enough to put off cyber criminals.
The total amount of confirmed stolen funds has been put at 4.8 bitcoin–worth almost $40,000 at current prices–though experts from cyber security company ESET have cautioned the real amount could be far higher with the campaign running unnoticed for many years.
“This malware lets the criminals behind this campaign see what website the victim is currently visiting. In theory, they can change the content of the visited page, grab the data the victim fills in to forms and display fake messages, among other activities. However, we have seen only one particular functionality–changing the bitcoin and cryptocurrency wallets,” said Anton Cherepanov, ESET senior malware researcher.
see url The trojanized version of the Tor Browser, which is most often used to access the so-called dark web where people can buy illicit goods and services in exchange for bitcoin, has targeted Russian-speaking users of the anonymous Tor network and is disguised as the official browser–with Cherepanov warning “non-technically savvy people probably won’t notice any difference between the original version and the trojanized one.”
ESET researchers found the malware is targeting three of the largest Russian-speaking dark web markets, altering the details of popular Russian money transfer service QIWI or bitcoin wallets located on pages from these markets.
“During our investigation, we identified three bitcoin wallets that have been used in this campaign since 2017. Each such wallet contains relatively large numbers of small transactions; we consider this a confirmation that these wallets indeed were used by the trojanized Tor Browser,” said Cherepanov.
As bitcoin and cryptocurrencies have become more widely used and their value has climbed, bitcoin scams and cyber attacks have increased.
Earlier this week, researchers warned a strain of malware designed to try to extort victims, dubbed “Save Yourself,” could potentially compromise bitcoin wallets.
Meanwhile, the bitcoin and cryptocurrency industry was dealt a blow earlier this week when it was revealed pedophiles around the world had been swapping images of child abuse for bitcoin on the dark web in one of the largest child pornography busts ever.