09:00 ET, 21 March 2014

For more than two months is is present in the official App Store a fake version of the Tor Browser app. It’s full of adware and spyware.

The Tor Browser is the most popular tool for anonymization of the user’s Internet experience, it’s use is literally exploded after the  disclosure of numerous documents leaked by Snowden of US surveillance programs. A growing number of internet users have started to use the popular browser to anonymize browsing sessions and preserve the user’s privacy, avoiding  surveillance of Governments.

As usual cybercrime is very responsive to users’ habits and the events that happen to try to take advantage of them, as occurred in the case of the MtGox in which data leaked by the popular exchange was invented by hackers to infect a large audience with a Bitcoin stealer malware.

In the last couple of months a fake Tor Browser app has been published on the App Store, representatives from Tor Project who have noted the fake app has requested Apple to remove it without success.

The Tor browser app price is $0.99 and contains adware and spying functionality, it is not developed by Tor Project developers and its author is using Tor’s name to deceive Apple users and convince them to download it.

“Tor Browser in the Apple App Store is fake. It’s full of adware and spyware. Two users have called to complain. We should have it removed.” is the message posted in a ticket posted on the Tor Project (#10549 new task).

t1

The fake Tor browser app was first reported to Apple in December, the company replied that is was investigating and its intent was to give the developer “a chance to defend their app.”

 t2

It’s important that all Internet users will stress Apple to remove the Tor Browser app from the store, it is dangerous and could harm user’s privacy despite it’s not clear if the app could preserve the user’s browsing.

At the time I’m writing the Tor Browser app is still present in the App Store.

Pierluigi Paganini

(Editor-In-Chief, CDM)

rsa-logo