. . . If I'm not mistaken, the people behind TORwallet won't be able to access the individual wallets . . .
Why would you think that? I'm pretty sure they can.
Because of that unique address you need to access the wallet. Of course, it was setup to be a scam from the beginning they could harvest that someway on registration, but the coins I deposited are still sitting in my unique wallet so I'm not sure what is what
The way it works is:
They give you a unique address.
This address is associated by them with a bitcoin address (or addresses) in
their wallet.
Because the bitcoin addresses are in their wallet, that have the private keys and full access to send the coins wherever they like.
This means that when you add bitcoins to TORWallet, you are
giving them your bitcoins and trusting them to give them back on request.
The unique address allows you to see how many of
their bitcoins were sent by you to them.
When the scam hadn't been activated yet, it also allowed you to request that they send some of those bitcoins elsewhere.
When the scam hadn't been activated yet, your request would be honored, and they would send their bitcoins to the address you requested them to be sent to.
The unique address keeps someone else (other than you and them) from requesting that those bitcoins be sent somewhere.
After the scam is activated, they no longer honor requests from you to send their bitcoins anywhere, they can still send them anywhere they like, anytime they like.