Fake version of Tor browser Do not install! The purpose of this fake version is to identify users online and collect sensitive data such as social network IDs.
Malware by researchers of Kaspersky Security Institute Modified version of Tor browser (Tor) has been found to be no different in appearance from the original version of tor. It is said that this browser guarantees the anonymity of users in the virtual space and its security is high.
but this Fake version of Tor browser It is coded to collect identifiable information about users. According to the report of theverge website, the distribution method of the fake version of Tor, which is considered a malware, is designed to target users living in China.
According to the report of security experts, a new malware campaign called OnionPoison in Chinese language is being published on YouTube, which targets unsuspecting users. During their research, the experts found that this video content is in the first place of the displayed videos when searching for the term Tor raksharem, which means Tor browser in Farsi language.
It is interesting to know that in the meta description section of this video, the URL link transfers users to the official website of the Tor browser, which is filtered in China. The second URL link is related to the cloud sharing service and allows users to download the Tor installation file. But unfortunately, this installation file has been forged by profiteers.
But the main challenge is that the fake version of Tor Browser downloads another malware after installation. According to Kaspersky researchers, the second malware is installed only on computers whose IP addresses are connected to China! After being installed on the victim’s computer, this malware can gain access to information such as the computer’s unique identification number, current user name, and MAC address.
After this acquisition, the information collected to Unknown server be sent In addition, according to Kaspersky researchers, this server even has the ability to access the data of applications installed on the computer, web browsing history and the ID of all WeChat and QQ user accounts active on the computer. According to security researchers, it seems that the mentioned malware seeks to identify users instead of stealing their information:
Unlike regular thieves, OnionPoison campaigners do not automatically collect a user’s password or cookie or e-wallet details; Rather, they collect data that is used to identify victims; Data such as browsing history and social network account IDs and Wi-Fi network details.
Our suggestion is to always download software from official sources such as application stores or official websites of companies and never look for downloading them through various links.
Unfortunately, in the current situation, internet restrictions have made it difficult to access official and safe platforms. Therefore, many users are forced to download the software they need from unofficial sources, which can increase the risk of information being accessed by malware.
What do you think about the fake version of Tor Browser? Which application are you using these days? Please leave your comments in the comment section duplicate Share and Technology News Follow with us.