Here's the Tweet that kicked off a Twitter thread where Tor project shared an article describing the attack:
Researches found that a malicious actor was distributing a modified version of Tor.
Any user who may have downloaded this modified version of Tor Browser will now redirected to the official Tor Project repository when requesting an update.
This is an important reminder to download Tor Browser only from official sources, including our website, website mirrors, Get Tor bots and our Telegram channels. Learn more here:
Here's the Tweet that kicked off a Twitter thread where Tor project shared an article describing the attack:
https://twitter.com/torproject/status/1577452903417061376 [Nitter]
https://twitter.com/torproject/status/1577452905711345664 [Nitter]
That article shared in the Tweet:
'Poisoned' Tor Browser tracks Chinese users' online history, location https://www.cyberscoop.com/modified-tor-browser-chinese-targeting [12ft proxy] [Archive]