A fake TOR browser dubbed “Rodeo” that simulates Tor browser has been found attracting users to create their accounts on the website which is actually present in the dark web. The fake website is a marketplace for all kinds of illegal products stealing money from users.
The malicious Tor Browser was found by Lawrence Abrams (security researcher from Bleeping Computer). The researcher said that the browser is spread using YouTube tutorials that educate non-technical users how to purchase products from a Dark Web marketplace named The Rodeo.
According to the researcher:
“The Rodeo Browser is coded in .NET and none of its buttons work. When users try to click on anything, an error like the one below is displayed.”
“The only thing that works is the Settings drop-down menu, which provides users with the option to load The Rodeo marketplace. When users press this option, the fake Tor Browser pretends to connect to a fake onion site called th3rod3o3301jtxy.onion.”
Rodeo enables the users to obtain illegal products from the dark web and pay using Bitcoins. But in fact, the website seems to be a scam to steal people’s money.
“Bleeping Computer believes the site’s operator allows users to place orders to various vendors, but all messages reach the same person, who then provides victim’s with Bitcoin addresses where they can make payments before receiving their products. Based on the three Bitcoin addresses we found, at least three users sent Bitcoin to the site’s operator(s).”