Illustration by Alex Castro / The Verge
Researchers at Kaspersky have found malware hidden in a modified version of the anonymity-preserving Tor Browser, distributed in a way that specifically targets users in China.
According to details published in a blog post on Tuesday, the malware campaign reaches unsuspecting users through a Chinese-language YouTube video about staying anonymous online. During the research period, the video was the top result for the YouTube query “Tor浏览器,” which translates to “Tor browser” in Chinese. Beneath the video, one URL links to the official Tor website (which is blocked in China); another provides a link to a cloud-sharing service that hosts an installer for Tor, modified to include malicious code.
Once the file is executed, it installs a…