Tor Malware

Posted: August 7, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	1/10
Infected PCs:	96

First Seen:	August 7, 2013
OS(es) Affected:	Windows

Tor Malware is a spyware program that currently appears to be a US government-sponsored program based on CIPAV – the Computer and Internet Protocol Address Identifier. Tor Malware's functions are designed to transfer basic identification information about your PC to what most likely is a sub-division of the DEA or Drug Enforcement Administration, hence defeating the entire purpose of the Tor anonymity service. Updated versions of TOR are protected against current samples of Tor Malware, although Tor Malware's development most likely is ongoing, and SpywareRemove.com malware researchers can only recommend all appropriate anti-malware defenses to block or remove Tor Malware as is needed.

Tor Malware: the Limits of the Ideals of American Freedom in Cyberspace

While the practical limitations on one's rights to privacy often crop up in contexts related to Facebook and other services that gather user information passively, the involvement of actual malware usually is a rarity. Tor Malware has emerged onto the Internet's landscape in the most bombastic way possible, by directly attacking the privacy of Web surfers who visit Freedom Hosting-based websites and use the Tor Browser – both of which are related directly to preserving the freedom of their users. Tor Malware's distribution appears to make heavy use of JavaScript exploits that enable easy drive-by-download attacks, although SpywareRemove.com malware experts note that updated software should provide ample protection from the last known attacks of this stripe.

Tor Malware, unlike most spyware, isn't after your bank account passwords or other such information. Instead, the Tor Malware gathers some basic information about your PC, such as your IP address, and sends the identifying information off to an IP address that currently is believed to be related to the United States DEA. The information is believed to be incorporated into an identification database pertaining largely (but not solely) to non-US citizens. The arrest of Eric Marques of Ireland is one of the latest incidents potentially related to Tor Malware, and Mr. Marques currently is being held without bail on charges related to the distribution of child pornography.

Taking the Malware Out of Your Tor

SpywareRemove.com malware research team warns that Tor Browser users are especially vulnerable to Tor Malware attacks as a direct result of the lack of automated security updates for that browser. Tor Browser versions corresponding to Firefox 17 or prior (as a modified version of that browser) should be considered especially at risk for Tor Malware infections. As usual, Tor Malware also gives PC users ample reasons for disabling JavaScript when it's not being used by absolutely trustworthy website – or, at the least, updating JavaScript regularly to block these kinds of vulnerabilities.

As concealed surveillance malware or spyware, Tor Malware is a threat to your PC that doesn't have any symptoms correlated to its presence. Despite its potential for government-authorized origins, Tor Malware should be removed by relevant anti-malware software when Tor Malware is discovered, just like any other form of spyware.

Technical Details

Additional Information

The following URL's were detected:

getmusicsearch.com

One Comment

Mike Morris says:

July 20, 2016 at 12:01 am

I believe I downloaded an e-mail that contained this virus. It stated that all my files had been encrypted and I would have to follow some trail of websites to get into them again. When I checked indeed much of my data was inaccessible. I would obviously like to dump this virus but would also like to access my files again. Is that possible with Spy Hunter software?