Hi Guys,
Security researchers at Kaspersky have found a modified version of the TOR browser available for download, and instead of protecting the anonymity of its users, it spies on them instead. The modified version is currently aimed mainly at Chinese users, but it can be downloaded from anywhere worldwide, so you need to be careful.
What is the TOR browser, and what does it do?
Sorry for being overly technical here. The Tor (The Onion Router) browser conceals its users’ identities and their online activity from surveillance and traffic analysis by separating the identification (IP address etc.) of its users and the routes (the websites they visit) they take. It is called onion routing (like an onion, it has many layers), which encrypts the traffic and then bounces internet users’ and websites’ through “relays” run by a network of thousands of volunteers around the world. You can use TOR to browse the internet anonymously, and you can also use it to access sites on the dark web.
Check it out here – www.torproject.org
Who uses the TOR browser?
The Tor project team says its users fall into the following main groups:
- Normal people who want to keep their internet activities private from websites and advertisers;
- Those concerned about cyberspying, such as Journalists, activists, whistleblowers, etc.
- Users evade censorship in certain parts of the world.
What does this modified version do?
When you use TOR, you are not tracked, but this modified version tracks everything the user does, including:
- Internet history
- Data entered into website forms (passwords etc.)
- Computer name
- Computer location
- Computer user name
- MAC addresses of network adapters (this is one of your digital fingerprints)
The modified version also allows remote attackers to download and execute code, giving them complete control of the user’s computer.
How do you stay safe?
- If you are downloading the TOR browser, please only download it from the official source, which is www.torproject.com
You should not fully trust TOR, as there have been examples in the past where users of TOR have been tracked down. Also, it is interesting that The TOR project receives massive funding from the US government. It reminds me of a quote from Vladimir Lenin – “The best way to control the opposition is to lead it ourselves.” Tor is fine for most things where you need to be anonymous, but you need to make sure you know what you are doing and that you fully understand the system you are using to protect yourself and its limitations and weaknesses.
All the best,
Max Roberts,
Incognito Privacy Care Team.