Tor chirongwa icho chikuru chinangwa chiri kuvandudzwa kwenzvimbo yekuparadzira yekutaurirana neyepasi latency uye yakasimudzwa pa internet, en haina kuburitsa kuzivikanwa kwevashandisi vayo, ndiko kuti, yavo IP kero inoramba isingazivikanwe. Pasi peichi chirevo, bhurawuza rawana mukurumbira uye rave kushandiswa zvakanyanya mumativi ese epasi, kazhinji mashandisirwo aro anoitwa kune zvisiri pamutemo zviitiko zvakapihwa maitiro ekubvumira kusazivikanwa.
Kunyangwe bhurawuza racho richipihwa kune vashandisi kuitira kuti vape kubhurawuza kwakachengeteka uye pamusoro pezvose kupa kusazivikanwa. Vatsvakurudzi veESET vakafumura nguva pfupi yadarika ivo vaona kupararira kwekunyepedzera vhezheni yeTor browser nevasingazive. Sezvo kuunganidzwa kwebrowser kwakaitwa iyo yaive yakamisikidzwa senge yepamutemo yeRussia vhezheni yeTor browser, nepo vagadziri vayo vasina chekuita nekuunganidzwa uku.
ESET Principal Malware Anotsvaga Anton Cherepanov akadaro kuferefetwa kwainge kwaratidza matatu ma wallet e bitcoin aishandiswa nevabiridzi kubvira 2017.
'Chikwama chimwe nechimwe chine huwandu hwakati wandei hwekutengeserana kudiki; isu tinofunga izvi sechibvumikiso chekuti mawallet aya aishandiswa neiyo Trojanized Tor browser "
Chinangwa yeiyi vhezheni yakashandurwa yeTor yaive kutsiva Bitcoin uye QIWI wallets. Kutsausa vashandisi, ivo vagadziri vemubatanidzwa vakanyoreswa iwo matunhu tor-browser.org uye torproect.org (inosiyana nenzvimbo yepamutemo torproJect.org mukusavapo kwetsamba "J", inoshandiswa nevazhinji vanotaura chiRussia).
Dhizaini yenzvimbo dzakanyorwa seyepamutemo Tor saiti. Saiti yekutanga yakaratidza peji reyambiro nezve kushandiswa kwechinyakare vhezheni yeTor browser uye chikumbiro chekumisikidza (apo chinongedzo chakapa kupa kuunganidzwa neTrojan software) uye mune yechipiri zvirimo zvakadzokorora peji kurodhaunirodha Tor browser.
Izvo zvakakosha kutaura izvozvo iyo yakaipa vhezheni yeTor yakagadzirirwa Windows chete.
Kubva 2017, iyo yakaipa Tor browser yakasimudzirwa mumaforamu akasiyana siyana muRussia, muhurukuro dzakanangana ne darknet, cryptocurrencies, kunzvenga Roskomnadzor makiyi uye zvakavanzika nyaya.
Kugovera browser pa pastebin.com, akawanda mapeji akagadzirwawo akagadziridzwa kuratidzwa pamusoro peinjini dzekutsvaga pamisoro ine chekuita nekusiyana kwemabasa, kudzvinyirira, mazita ezvematongerwo enyika ane mukurumbira, nezvimwe.
Mapeji anoshambadzira vhezheni yekunyepedzera yeiyo browser pane pastebin.com akaonekwa anodarika mazana mashanu emazana emakore.
Iyo yekunyepedzera seti yaive yakavakirwa paTor Browser 7.5 kodhi base Uye mukuwedzera kune zvakashata zvakavakirwa-mukati, zvidiki mushandisi mumiririri tweaks, inoremadza yedhijitari siginicha kuisirwa mapulagini, uye nekukiya iyo yekuisa yekumisikidza sisitimu, yaive yakafanana kune yepamutemo Tor browser.
Iyo yakaipa yekuisa yaisanganisira kubatanidza zvemukati mutongi kune iyo HTTPS plugin Yakajairika Kwese Kwese (yakawedzera yekuwedzera script.js script ku expression.json). Shanduko dzakasara dzakaitwa padanho rekumisikidza danho uye ese mabhinari zvikamu akachengetwa mune yepamutemo Tor browser.
Iyo script yakavakirwa muHTTPS Kwese kupi, kana peji rega rega rikavhurwa, yakaenda kune admin server, iyo yakadzosa iyo JavaScript kodhi iyo inofanira kuitiswa mune mamiriro epezvino peji.
Iyo manejimendi server yakashanda seyakavanzika Tor basa. Kubudikidza nekuitwa kweJavaScript kodhi, vapambi vanogona kuronga kubatisisa kwezvirimo zvemafomu ewebhu, kutsiva kana kuviga zvinhu zvinopesana pamapeji, kuratidzwa kwemanyepo emashoko, nezvimwe.
Nekudaro, kana uchiongorora yakashata kodhi, chete kodhi yekutsiva iwo maratidziro eQIWI neBitcoin zvikwama pamapeji ekugashira eritnetnet akanyorwa. Mukufamba kwechiitiko chakaipa, 4.8 Bitcoins akaunganidzwa muzvikwama kuti atsiure iwo, zvinoenderana nemakumi mana ezviuru zvemadhora.