Developers behind the banking Trojan Vawtrak have begun obscuring some of their servers with Tor2Web, a move that’s added another degree of difficulty when it comes to uncovering their activity. To this point the malware’s techniques – its evolution beyond banking websites, ability to break encryption, and steal login credentials – have been well documented, but now researchers with the security firm Fortinet claim the Trojan is hiding its servers in Tor2Web to help it better evade detection.
View full story