Kaspersky Lab researchers find ChewBacca and Zeus malware on Tor

Kaspersky Lab researchers have detected ChewBacca and Zeus malware on anonymous Tor network, which is primarily unrestricted, free software operating through the Internet.

The researchers have found that about 900 hidden services are currently online on Tor network through its 5,500 nodes and 1,000 exit nodes.

Kaspersky Lab said Tor has users just like the ordinary Internet but it enables its users to remain anonymous during their activity in the net.

The security firm noted that it is impossible to identify the user’s IP in Tor, making it harder to determine who the user is in real life.

Cybercriminals have recently started actively using Tor to host malicious infrastructure, Kaspersky Lab said.

The researchers identified Zeus with Tor capabilities, then they detected ChewBacca and analysed the first Tor Trojan for Android.

Kaspersky Lab senior security researcher of global research and analysis team Sergey Lozhkin said hosting C&C servers in Tor makes them harder to identify, blacklist or eliminate.

"Although creating a Tor communication module within a malware sample means extra work from the malware developers, we expect there will be a rise in new Tor-based malware, as well as Tor support for existing malware," Lozhkin said.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing