Someone is creating fake websites on the dark web to try to lure in and hack people
Earlier this week, on a tor email list, security researcher and founder of the onion search engine Ahmia, Juha Nurmi, wrote that he noticed some weird websites surfacing on onion sites. Nurmi discovered that fake websites were showing up masquerading as well-known dark web sites.
For some context: onion sites are websites that use the prefix ".onion" and are what designate a 'dark web website.' These hidden websites are only accessible through online services like Tor that anonymize web traffic. Nurmi's service Ahmia is an open-source search engine for people using Tor browsers.
Nurmi first noticed that there was a cloned version of Ahmia out there on the dark web, so he decided to do some digging. In total, he's found more than 250 "fake mirror sites."
The people behind this attack are likely trying to scam people who unknowingly click the fake link. Nurmi explained the attack in an email to Business Insider: "Someone runs a fake site on a similar address to the original one and tries to fool people with that."
The sites look like the original ones, although some content is re-written including bitcoin addresses and internal links to the fake website. Nurmi added "The attacker is gathering bitcoin money by spoofing those bitcoin addresses."
Also, given that onion sites are usually a garble of letters and numbers, it's hard to distinguish between the real and the fake site.
The researcher went on to say that it's very likely the attacker is using these fake websites to gather the login info of people accessing the sites.
These sorts of attacks aren't novel - in fact, many hackers do just this to normal websites. What's interesting in this particular case is that the attacker is targeting the dark web specifically and has figured out a way to automate the fake site production. "These sites came on about simultaneously," Nurmi wrote.
Now Nurmi and others are making sure other Tor users are aware of this new up-crop of fake sites.
- I spent 2 weeks in India. A highlight was visiting a small mountain town so beautiful it didn't seem real.
- I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
- Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
- Sustainable Transportation Alternatives
- 10 Foods you should avoid eating when in stress
- 8 Lesser-known places to visit near Nainital
- World Liver Day 2024: 10 Foods that are necessary for a healthy liver
- Essential tips for effortlessly renewing your bike insurance policy in 2024