The Tor anonymisation network is being used to hide 900 botnet and
cybercrime-related hidden services, according to Kaspersky Lab.
Kaspersky security researchers report that the Tor network is playing host to the ChewBacca point-of-sale keylogger and the ZeuS banking malware control infrastructure, as well as the first Tor Trojan for Android.
Many Tor network resources are command-and-control servers, admin
panels and other malware-related resources. “Carding” forums are also
flourishing on the darknet.
Using darknet resources offers various
advantages to cybercriminals, who are increasingly moving towards the
technology, according to Kaspersky Lab.
“Hosting C&C servers in Tor makes them harder to identify, blacklist or eliminate," explained
Sergey Lozhkin, a senior security researcher at Kaspersky Lab,
"although creating a Tor communication module within a malware sample
means extra work for the malware developers.”
Lozhkin added: “We expect there will be a rise in new Tor-based malware, as well as Tor support for existing malware.”
It's difficult, if not impossible, to identify the user’s IP address in Tor,
which offers a cloak of anonymity that can be used by anyone from human
rights activists to cybercrooks. Moreover, this darknet resource
utilises so-called pseudo-domains which frustrate efforts to identify
the resource owner’s personal information.
No comments:
Post a Comment