Tor onion search engine
2/13/2023

onion domain names do leak into the DNS system. RFC 7686 (The “.onion” Special-Use Domain Name) goes into more detail on the special case of .onion domain names, but these names are not resolved over DNS and instead work only in the Tor network.

Onion domain names don’t use DNS or do they?

The advantage of using Tor is, of course, anonymity and the difficulty of blocking or taking down the infrastructure. At first, they started using Tor gateway domain names such as onion.to and onion.link within the proxy auto-config URLs; later on they switched to Tor completely.

One of the notable changes was the introduction of Tor in 2016. While the Retefe actors are constantly changing tactics (for example, their newest campaigns also target Mac OS X users), their malware still works the same. We recommend you read up on it on our blog links posted above if you are not familiar with it. To understand the story of this blog post, it helps to understand the modus operandi of the Retefe malware.

Almost a year went by until they changed to the still current approach of setting a proxy auto-config (PAC) URL (see also blog post “The Retefe banking Trojan has targeted Switzerland”). At that time, it changed the local DNS resolver on the computer (see also blog post “Retefe Bankentrojaner”, in German only). Switzerland has been one of the main targets of the Retefe banking trojan since its first appearance in November 2013.
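Because .onion names leak into the DNS and the PAC URLs at first used Tor gateway domains such as onion.to and onion.link, resolver query logs are a practical place to look for affected clients. The following is an added example, not code from the original post: the log format (timestamp, client, query name, query type), the sample lines and all function names are assumptions made for illustration.

```python
import re

# Tor gateway suffixes named in the post; extend from your own intelligence.
TOR_GATEWAY_SUFFIXES = ("onion.to", "onion.link")
# Onion service labels are base32: 16 characters (v2) or 56 characters (v3).
ONION_LABEL = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})$")

def classify_qname(qname):
    """Return (normalized_name, verdict); verdict is None for ordinary names."""
    name = qname.strip().rstrip(".").lower()
    if name.split(".")[-1] == "onion":
        # RFC 7686: .onion names should never reach the DNS at all.
        return name, "onion-leak"
    for suffix in TOR_GATEWAY_SUFFIXES:
        if name.endswith("." + suffix):
            # The label directly left of the gateway suffix names the service.
            service = name[: -(len(suffix) + 1)].split(".")[-1]
            if ONION_LABEL.match(service):
                return name, "tor-gateway"
            return name, "tor-gateway-other"
    return name, None

def scan_log(lines):
    """Return (client, name, verdict) for every suspicious query in the log."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not match the assumed format
        _ts, client, qname, _qtype = fields
        name, verdict = classify_qname(qname)
        if verdict:
            hits.append((client, name, verdict))
    return hits

# Constructed sample log; addresses and names are not real indicators.
SAMPLE_LOG = """\
2023-02-13T09:00:01Z 10.0.0.21 www.example.com. A
2023-02-13T09:00:02Z 10.0.0.34 abcdefghijklmnop.onion. A
2023-02-13T09:00:03Z 10.0.0.34 abcdefghijklmnop.onion.to. A
2023-02-13T09:00:04Z 10.0.0.50 Cdn.Abcdefghijklmnop.Onion.Link A
2023-02-13T09:00:05Z 10.0.0.21 notonion.to. A
malformed line
""".splitlines()

if __name__ == "__main__":
    for client, name, verdict in scan_log(SAMPLE_LOG):
        print(f"{verdict:18} {client:12} {name}")
```

A client that appears with either verdict is a candidate for checking its configured proxy auto-config URL.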