"Malicious Tor Browser Installers Spread Via Darknet Video on YouTube"

Cybersecurity researchers at Kaspersky have recently identified multiple infections caused by malicious Tor Browser installers distributed through an explanatory video about the Darknet on YouTube. The YouTube channel in question has more than 180,000 subscribers, while the view count on the video with the malicious link exceeds 64,000. The researchers noted that by adding a link to an infected version of Tor Browser in the description bar of the video, cybercriminals, dubbed "OnionPoison" by the security firm, spread malware that could collect victims' data and obtain complete control over their computers via shell commands. The researchers noted that most of the affected users were from China. From a technical standpoint, the researchers stated that the analyzed version of Tor Browser is configured to be less private than the original software tool. In fact, the malicious variant not only stored browsing history and all the data the user entered into website forms but also distributed spyware to collect personal data and send it to the hackers' server. The researchers noted that, unlike many other stealers, OnionPoison does not seem to show a particular interest in collecting users' passwords or wallets. Instead, the attackers tend to be more interested in gathering identifying information that can be used to track down the victims' identities, such as browsing histories, social network account IDs, and WiFi networks.

 

Infosecurity reports: "Malicious Tor Browser Installers Spread Via Darknet Video on YouTube"

Submitted by Anonymous on