Jump to content

New Ransomware Hides inside Tor from Security - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

New Ransomware Hides inside Tor from Security


SaP
 Share

Recommended Posts

According to security experts at Kaspersky Lab, a new strain of ransomware emerged. Dubbed “Onion”, the malware uses Tor to hide and to make it hard to track the hackers behind the campaign.

Screen_Hunter_03_Aug.jpg

Ransomware is spreading across the globe. Another malware representative is a successor to the well-known Cryptolocker: when infected, it would scan your machine for important documents, particularly Microsoft Office files and pictures and encrypt them with a secret key to later demand payment from you.

The ransom the virus claims is high – normally several hundred dollars – and demanded in Bitcoin. However, many users did comply and paid up trying to retrieve their files. A few months ago, even a US police force had to pay a ransom of $1,338 to get their documents back.

As for Onion, it works in a similar way: once a machine is infected, it encrypts your files, just like Cryptolocker does. Then it initiates a countdown to warn you that you have only 3 days to pay up or lose your files forever. The difference between Cryptolocker and Onion (which researchers think originates from Russia) is in the way how it communicates with the “command and control” server which accepts the payment and, if the hackers decide to keep their word, releases the decryption codes.

Onion communicates using Tor – the anonymizing service encrypting communications known worldwide. The malware then bounces them via a series of relay nodes to cover its traces and hide where the connection originated. Onion so far only affects computers running Windows, but it is far not the first malicious software to use Tor to hide its trail. For instance, the banking malware Zeus, seen in the wild in the first half of 2013, was also using the anonymizing network.

Now security researchers at Kaspersky Lab admit that Tor has become a proven means of communication and is being widely used by other types of malware. They also point out that the Onion malware has some technical improvements on previous cases where Tor functions were used in similar campaigns. Apparently, hiding the command and control servers in Tor network largely complicates the search for the cybercriminals. In addition, using an unorthodox cryptographic scheme makes file decryption virtually impossible, even if the security experts manage to intercept traffic between the malware and the server.

These features make Onion a highly dangerous threat. The experts recognized the ransomware one of the most technologically advanced encryptors existing at the moment. In addition, the use of Tor leaves cybersecurity experts with fewer options for fighting the ransomware. While Cryptolocker could be halted temporarily by a concerted effort to take down the servers controlling it, Onion’s commands originate from a darkweb server, so it is impossible to trace them back to somewhere.

Kaspersky lab recommends everyone to make sure their antivirus software is regularly updated and keep regular backups in case Onion finds its way onto their PC.

http://extratorrent.cc/article/3818/new+ransomware+hides+inside+tor+from+security.html

  • Upvote 2
Link to comment
Share on other sites

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Guest
This topic is now closed to further replies.
  • Customer Reviews

  • Similar Topics

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.