A trojanized version of the Tor Browser is currently targeting Russian users to steal their Bitcoin funds. This was discovered by ESET security researchers.
When victims try make any Bitcoin transactions, the Backdoored Tor browser will automatically replace the original destination address with another address controlled by criminals.
The attackers are promoting their trojanized version of the Tor Browser through posting spam message on some popular Russian cryptocurrency websites to encourage victims to download and use the infected browser. Two domain names are used to distrubute the infected browser tor-browser[.]org and torproect[.]org
At the moment of publishing, the cryptocurrency wallets controlled by the attackers received 863 transactions worth of $40,000 in Bitcoin cryptocurrency.
