Every year more and more hackers are adopting new tools. Some of the tools are used to perform basic attacks, like phishing and password brute force, while others can be used for advanced hacking procedures such as remote access via keystroke logging. It’s important to keep abreast of these changes as they will help you protect yourself or your business from future breaches.
One thing most hackers use is the Tor browser which has a myriad of benefits that is being embraced by professionals at an increasing rate in 2018. In this article, we’ll go over some important reasons why your company should consider opting into the Tor browser.
The Tor browser is the perfect tool for online payment transactions. Since the payment destination can be modified multiple times with the same funds, it’s a perfect choice to launder money. For example, if 10 websites were hacked by an attacker and each of them had $100,000 in stolen funds, gone would be that $100,000. So if that same attacker used the Tor browser to transmit these stolen funds to another site then it would appear as though they were sent to a different site (say a website for a legitimate business).
The hacker can use this method again and again. A quick example of how this works is described below.
An attacker hacks the Bank of America and transfers $2,000 to the attacker’s personal PayPal account. So after the transfer goes through PayPal, the hacker knows that if he hacks a legitimate banking website he can make another fraudulent transfer using the same stolen funds. Now imagine this happening multiple times with multiple legitimate sites.
With every bank transfer and credit card transaction, banks will know exactly where those funds are going which makes them an attractive target for hackers. The Tor browser has several other uses as well which can be used in money laundering schemes.
For example, if a hacker wants to take funds from one bank and route them into another bank, there are certain websites that will help you do that. Forbes writes about how hackers can “launder their Bitcoins” into cash or physical assets (like gold) via a marketplace known as LocalBitcoins.
A defacement attack is when the website’s content or appearance are changed to display a message by an attacker. These attacks are most often used by activists who want to gain publicity for their message. The Tor browser is the ideal tool for this type of attack because it hides the identity of both the attacker and the website they’re hacking.
A good example of a defacement attack is when Anonymous hacked the website for the Council on Foreign Relations and posted a message about their beliefs regarding the Syrian war. The hackers covered their tracks by using the Tor browser.
One of the main reasons why the Tor browser is important is because it can be used to install malware on an existing website. Malware is a type of computer virus that can cause all sorts of problems like stealing data, corrupting files and potentially locking your system entirely. The Tor browser makes it easy to install malware onto a website since the attacker is able to hide their identity.
An example of this occurred when a hacker named “peace_of_mind” posted about this exact method on Reddit. He wrote, “This is just a proof of concept. I’m not actually going to do anything with it… I think this could be an interesting way to get malware on the server. Email From: gmail.com Subject: Hello Alice! Long time no talk :)”
The hacker then posted a link to a website that had an image that looked just like one from Gmail. Clicking on the image would take you to Google’s website and display this message: “Your Gmail has been hacked by Mr. Robot.” This means that users who clicked on the link were being redirected back to Gmail with a backdoor installed via the Tor browser.
The Tor browser is not just used by individuals. There are websites that collect funds from the public. These could be for various reasons like to fund a hacker, or it could be for a cause or an activist group. However, the funds collected usually do not go to the hacker. They’re kept and distributed through various methods such as Bitcoin or PayPal.
For example, one of these websites is called Freedom Hosting and the founder of this service writes about this in his blog post “Another Darknet Ransomware Freedom Hosting Backdoor” where he states:
“To recoup our costs, we’ve created a “Patreon” Crowdfunding campaign on FreedomHosting.io and are grateful for YOUR support… We have decided to start selling freedom on our site, with a 85GB hosting plan starting at 1BTC.”
So let’s say you’re an attacker who wants to collect funds from the public, you could use the Tor browser to set up a number of websites that force people to pay protection money in order to retain access.
Ransomware has become a billion-dollar industry since there’s no way to actually stop it from growing, though if you are a company that is a large enough target you might want to consider hiring someone that offers IT security consulting services.
The Tor browser is a perfect tool for this type of scheme since the identity of the attacker is hidden and hackers don’t have access to their victims’ personal information.
New forms of social engineering
Social engineering is a form of computer hacking where an attacker attempts to manipulate someone into performing an action that gives them access to the victim’s information. Most people are familiar with social engineering as it’s used by attackers in various forms of phone scams and fake emails. However, the Tor browser has opened up new doors for social engineers because they can conduct attacks without having to worry about being identified or traced.
For example, a scam artist could create a website called “You Won The Lottery” and tell people they’ve won over $88 million dollars by clicking on this exploited link.
“This link has been exploited in the past. You will be redirected to a website that is not related to the lottery in any way. This is not legitimate and you may lose money if you enter your information.”
If someone clicks on this link then they’ll be led to a fake website that will ask for personal information and potentially steal their details. With the Tor browser, there’s no way for victims to know who created this fake lottery site since it’s hidden from both the attacker and victim. This is just one example of how the Tor browser can be used to commit social engineering attacks, but there are many others as well.
Air gapped computers
Air gapping is when a computer is physically disconnected from any other computer, network or the internet. The Tor browser might seem silly for an air-gapped computer, but there’s a reason why it can be beneficial. In the past, most air-gapped computers have been used by governments to create secret communications among top officials. For example, Hitler’s military used an air-gapped computer so that they could communicate with each other and not be discovered by the Allies.
With the Tor browser turning an air-gapped computer into a connected one, there are some benefits that attackers may find useful. One of these is being able to access the internet without leaving any traces. For example, if someone wanted to target an air gapped device should they use the Tor browser?
The answer is no because there’s no reason to use it. However, what about an attacker who wants to gain access to a firewalled system. They could connect back and forth to the Tor network and create a link with an air-gapped computer that’s directly connected to the firewall. This would allow them quick and easy access without leaving any traces at all.
The Tor Browser has been around for almost 15 years, but the advancements made as of recently have given it far more power than before. The world needs to become more aware of how dangerous these advanced tools can be.
How to Use Tor on Linux and Other Operating Systems
Tor is the best tool to use online, but not everyone wants to install and use it on their computer. If you’re using Linux or you simply prefer using the command line instead of a GUI, then Tails is your best bet. Tails is a Linux distribution that focuses on providing privacy-focused features. It doesn’t require much more effort than a regular Linux operating system, but it’s still extremely hassle-free.
The installation process for Tails is extremely simple as long as you have the right hardware and software that supports it. Customizing your Tails is also very easy. There are tons of pre-configured profiles that you can use without having to lift a finger.
One of the best things about Tails is its option to run everything on the same operating system. This allows you to disconnect from all social media websites, encrypt your files, and even hide your internet browsing history. You’re not limited to using Tails with only one computer either. You can easily take your Tails profile with you wherever you go and that’s great news for anyone who wants full Internet anonymity but still requires connection over the internet in some way (e.g., VPN).
After using Tails for an extended period of time, you’ll notice that it has some noticeable drawbacks. For example, if you’re trying to use Internet Explorer or Microsoft Edge, it may not run as smoothly as you would like. This isn’t due to the software itself but rather the fact that Tails is based on Debian Linux and not Windows. The Tor Browser has also been known to crash at times, but this is usually solved by restarting your browser. Despite these inconveniences, Tails can still be a great alternative to the Tor Browser if you’re looking for something a bit more secure and Linux-oriented.
The Tor browser is an amazing tool, but it’s far from perfect. There are many ways that it can be manipulated and taken advantage of so it’s more important than ever to stay vigilant. It should come as no surprise that the Tor browser has been the target of criminals for years now, and this only continues to happen today.