The attacker steals $40,000 in bitcoin through a fake version of the Tor browser.

According to the Electronic Frontier Foundation, ESET researchers recently discovered a fake "Trojan horse" version of the Tor browser, which stole a total of $40,000 in bitcoin. This does not mean that the Tor or Tor browser itself is threatened in any way. This only means that the attacker has found a new, insidious way to create and distribute fake versions of the Tor browser. In this case, the attacker also used the modified manifest.json file to falsify EFF's own HTTPS Everywhere extension and made some setting changes. The attacker used a fake HTTPS Everywhere extension in its activities because Tor actually packaged the HTTPS Everywhere and No Script extensions into its browser. Tor's Trojan horse version contains details like a normal extension that prevents users at the tip of the eye from capturing red reminders that indicate they are using a fake browser.