The “Bitcoin” Scam Is Out of Control…
- Criminals can control the flow of information in Tor
- Fraudsters steal millions of dollars worth of BTC
Bitcoin scammers steal coins through the Tor browser
Tor anonymous browser can be used by hackers to hack wallets
More than 23% of Tor’s exit capacity is controlled by scammers
Hackers have learned to hack mail and attack the OS
Developed by the US government to protect user privacy, the Tor anonymous browser poses a real threat to cryptocurrency owners. Recent studies prove that it is easy for attackers to hack wallets and withdraw coins.
Criminals can control the flow of information in Tor
The problem of data security in the Tor browser was first raised back in 2019, when a cryptanalyst using the nickname Nusenu described how attackers can control the flow of information. Since then, the Tor developers have not fixed the problems; on the contrary, the situation has become even worse. The Tor exit relay remains the most vulnerable point of the browser.
“The Tor exit relay is the last hop in a chain of 3 relays and is the only relay type that can see the connection to the actual destination selected by the Tor Browser user. The protocol used by the user (e.g. http or https) decides whether the malicious relay output can actually see and control the transferred content or not,” explains Nusenu.
According to Nusenu, he has already discovered an attacker who controls about 23% of the exit capacity of the entire Tor network. This means that about one in 4 connections leaving the Tor network went through an exit relay controlled by a single attacker.
The figure shows how much of the Tor network's cumulative exit capacity was controlled by the attacker and how many confirmed malicious relays were running simultaneously (peak over 380 relays). The figure also shows that if a user opened the Tor browser at the peak of the attack on 2020-05-22, they had a 23.95% chance of ending up on an attacker-controlled Tor exit relay. Since Tor clients typically use a variety of Tor exit relays, the likelihood of using a malicious exit relay increases over time.
“They’re carrying out man-in-the-middle attacks on Tor users by manipulating traffic through their output relays. They selectively remove HTTP-to-HTTPS redirects to gain full access to plain, unencrypted HTTP traffic without triggering TLS certificate warnings,” Nusenu explains.
This is a known vulnerability and countermeasures exist, but unfortunately many website operators do not implement them. According to Nusenu, the attackers were primarily targeting sites related to cryptocurrency. They replace the user’s bitcoin address with their own, thus channeling the coins into their own wallets.
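One such countermeasure on the website operator's side is HTTP Strict Transport Security (HSTS, RFC 6797) with preloading, which tells the browser never to use plain HTTP for the site. The sketch below is an added example, not code from the article or from Nusenu: it parses a site's `Strict-Transport-Security` header and classifies how exposed its visitors are to redirect stripping. The sample headers are constructed, the function names are hypothetical, and the thresholds are the hstspreload.org submission requirements.

```python
import re

PRELOAD_MIN_AGE = 31536000  # one year: minimum max-age required by hstspreload.org

def parse_hsts(value):
    """Parse a Strict-Transport-Security header value (RFC 6797) into a dict."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if name == "max-age":
            arg = arg.strip().strip('"')     # the value may be a quoted-string
            if re.fullmatch(r"\d+", arg):
                policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy

def stripping_exposure(https_headers):
    """Classify exposure to HTTP-to-HTTPS redirect stripping from HTTPS response headers."""
    headers = {k.lower(): v for k, v in https_headers.items()}
    value = headers.get("strict-transport-security")
    if value is None:
        # A bare redirect is exactly what the malicious relay removes.
        return "exposed: no HSTS, every plain-HTTP visit can be stripped"
    p = parse_hsts(value)
    if not p["max_age"]:
        return "exposed: HSTS disabled or invalid (max-age missing or 0)"
    if p["max_age"] >= PRELOAD_MIN_AGE and p["include_subdomains"] and p["preload"]:
        return "preload-eligible: first visit is protected once the domain is preloaded"
    return "partial: protected only after an untampered HTTPS visit the browser remembers"

if __name__ == "__main__":
    # Constructed sample responses for illustration; not captured from real sites.
    samples = {
        "redirect-only.example": {"Content-Type": "text/html"},
        "short-policy.example": {"Strict-Transport-Security": "max-age=86400"},
        "hardened.example": {
            "strict-transport-security": "max-age=63072000; includeSubDomains; preload"},
    }
    for host, hdrs in samples.items():
        print(f"{host}: {stripping_exposure(hdrs)}")
```

A "preload-eligible" result only means the header meets the submission criteria; the domain still has to be submitted to and shipped in the browser's preload list before a first visit is covered.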
Scammers steal millions of dollars worth of BTC
However, cybercriminals are not only using the Tor browser to steal cryptocurrencies. More recently, BeInCrypto reported that scammers have targeted Mac users as new victims of a cryptocurrency scam. According to one of the largest antivirus companies, several fake trading apps are actually stealing coins from unsuspecting users’ wallets.
Computer security experts at ESET warn that malicious Mac apps disguised as crypto trading applications have recently appeared on websites that distribute free software.
In addition, hackers have learned to compromise users’ email addresses and withdraw huge amounts of money in fiat and cryptocurrencies. Thus, a criminal group headed by Olalekan Jacob Ponle, better known as Woodbery, managed to rob a number of American companies worth hundreds of billions of dollars. According to the FBI, about 1.9 million people and organizations have become victims of fraudsters, and the group itself has been operating on the Internet for several years. The criminal group included at least 11 people who were engaged in hacker attacks on computers and servers of large American companies.