Tor Network used to Host 900 Botnets and hidden Darknet Markets


Tor Network Botnets

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities by making themselves anonymous.

Kaspersky security researcher reported that Tor network is currently being used to hide 900 botnet and other illegal hidden services, through its 5,500 plus nodes i.e. Server relays and 1,000 exit nodes i.e. Servers from which traffic emerges.

These days, Cyber criminals are hosting malware’s Command-and-control server on an anonymous Tor network to evade detection i.e., difficult to identify or eliminate. Illegal use of the Tor network boosted up after the launch of the most popular underground Drug Market - Silk road that also offered arms and malware to their users against Bitcoin,one of the popular crypto currency.

ChewBacca, a point-of-sale keylogger was found to be used by them and the new Zeus banking malware variant with Tor capabilities, also the researcher has found the first Tor Trojan for Android as well.

With the use of ‘Darknet resources’, such as Tor network, cybercriminals are offered various advantages and the possibility of creating an abuse-free underground forum, market and malware C&C server is attracting more and more cyber criminals, who are increasingly moving towards the technology, according to Kaspersky Lab.
Tor Network Botnets
Hosting C&C servers in Tor makes them harder to identify, blacklist or eliminate," explained Sergey Lozhkin, a senior security researcher at Kaspersky Lab, “Although, creating a Tor communication module within a malware sample means extra work for the malware developers. We expect there will be a rise in new Tor-based malware, as well as Tor support for existing malware,” he added.

Tor network resources, including command-and-control servers, admin panels and other malware-related resources, ‘Carding’ shops are also waving on the Darknet. “Offers are not limited to credit cards – dumps, skimmers and carding equipment are for sale too,” said the researcher.

As you know, by browsing the web using Tor hides the users’ IP address, allows journalist, Internet activist to cyber criminals to maintain anonymity. In addition, this Darknet resource is resulting in financial fraud and money laundering.

One Response so far.

  1. Blogger says:

    On Free Bitcoin you may recieve free satoshis. 8 to 22 satoshis every 5 minutes.