I'm just starting to do Tor-related things, wondering if anyone is using them
./start-tor-browser.desktop Can an attacker not change the script to start a backdoor in the background after starting the script? I'm about to do the same for research purposes.
The first idea has a drawback, unless you endanger the Tor Browser download website. (This would not work because Tor is signed.) (This only works if you download and verify the signature file.) You must already have access to the computer to be able to target and have write access to the Tor directory.
If you have ideas or know who has already done so, please leave a comment.
Second Idea: This has been done on a larger scale using Tor Exit nodes, which used malicious nodes to patch downloaded binaries with malicious versions. So my idea is that you have a local area network that you control and have the means to identify Tor users. You could specifically control the traffic and patch the binaries of their downloads with malware.
My second idea is not to infect Tor browser downloads. I'm talking about disrupting Tor user downloads by checking the local network traffic targeting Tor users and then patching the binaries with malware from these downloads.