The large increase is probably caused by Locky. http://arstechnica.com/security/2016/02/locky-crypto-ransomware-rides-in-on-malicious-word-document-macro/ http://researchcenter.paloaltonetworks.com/2016/02/locky-new-ransomware-mimics-dridex-style-distribution/ As far as I know, each infection is a new .onion that gets generated. Their instructions to decrypt look like this: http://i.imgur.com/abAiFUP.png On 02/18/2016 10:37 PM, aka wrote: > Lots of fucking cryptolocker ransomware, generating an own onion and > bitcoin address for every "customer". > > Scfith Rise up: >> I am just wondering why there has been a huge increase in .onion domains on http://metrics.torproject.org. Is this just an error or something else going on? >>
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk