Hackers Steal Bitcoin from DarkNet Market Buyers via Fake Tor Browser, ESET Team Reports

Fri, 10/18/2019 - 12:59
Yuri Molchan
The ESET research team discovers malware inside a Tor Browser version that fishes Bitcoin out of darknet shoppers

Hackers have long used Bitcoin-stealing malware and hidden-mining malware, improving it every year to evade the countermeasures of IT security companies. Bitcoin and privacy-focused coins have long been used for shopping on the darknet.

Recently, Bloomberg wrote that a large child porn website, which accepted Bitcoin, was shut down by South Korean authorities.

However, now the ESET research team has found that hackers have been stealing Bitcoin from Russian-language users who conduct purchases on the darkweb.


How the hackers’ scheme works

Two websites show visitors a message claiming that their version of Tor Browser is outdated and prompt them to install a new one, with all the necessary updates included.

Users are then redirected to a page for downloading a Windows version of the "updated" Tor Browser. The ESET team says that this trojanized version of the well-known anonymity browser is offered only to Windows users.

When victims later top up their Bitcoin wallets via cash terminals or their online wallets, the trojanized Tor Browser replaces their wallet addresses with the hackers' BTC addresses.


How much BTC has been stolen

So far, the amount of stolen BTC totals a little over $40,000 (slightly under 4 BTC). However, the ESET team warns that the actual amount of BTC is likely to be much higher.

The report of the ESET team says:

“This trojanized Tor Browser is a non-typical form of malware, designed to steal digital currency from visitors to darknet markets. Criminals didn’t modify binary components of the Tor Browser; instead, they introduced changes to settings and the HTTPS Everywhere extension. This has allowed them to steal digital money, unnoticed, for years.”
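
Because the report says only settings and the HTTPS Everywhere extension were altered, a check limited to the executables would find nothing wrong. As an added example (not code from ESET or from the original article), this Python script hashes every file in an install and compares it with a reference copy from a verified download; the directory layout, file names and contents are constructed placeholders.

```python
import hashlib
import tempfile
from pathlib import Path

BINARY_SUFFIXES = {".exe", ".dll"}  # assumption: what a binaries-only check would cover


def manifest(root):
    """Map each file's relative path to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def diff_install(reference, suspect):
    """Compare a suspect install tree against a verified reference copy."""
    ref, sus = manifest(reference), manifest(suspect)
    changed = sorted(f for f in ref.keys() & sus.keys() if ref[f] != sus[f])
    return {
        "added": sorted(sus.keys() - ref.keys()),
        "removed": sorted(ref.keys() - sus.keys()),
        "changed": changed,
        "changed_binaries": [f for f in changed if Path(f).suffix.lower() in BINARY_SUFFIXES],
    }


def build_demo_trees(base):
    """Constructed sample trees; file names and contents are placeholders."""
    files = {
        "Browser/browser.exe": b"binary-bytes",
        "Browser/defaults/settings.js": b"setting = original\n",
        "Browser/extensions/https-everywhere/background.js": b"// original\n",
    }
    tampered = dict(files)
    tampered["Browser/defaults/settings.js"] = b"setting = modified\n"
    tampered["Browser/extensions/https-everywhere/background.js"] = b"// modified\n"
    for name, tree in (("reference", files), ("suspect", tampered)):
        for rel, data in tree.items():
            path = Path(base, name, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(data)
    return Path(base, "reference"), Path(base, "suspect")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = diff_install(*build_demo_trees(tmp))
        print("changed files:", report["changed"])
        print("changed binaries:", report["changed_binaries"])  # empty: binaries match
```

On a real system the comparison is meaningful for a freshly installed copy, since a used profile accumulates legitimate changes of its own.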

