An anonymous Tor network for several months was hacked by unknown

The Tor team reports that everyone who used the Tor service from February to July 4 should admit that they were subjected to this attack. The creators of Tor, however, cannot tell how dangerous it is: the crackers monitored those who receive public keys for hidden services, but were unlikely to monitor traffic at the application level (that is, they most likely did not know which pagesloaded and whether the specified user visited a specific hidden service).

The attack could also set as its goal to determine who publishes the descriptors of hidden services, which could allow the crackers to understand where the specific hidden service was located. It is possible, although it is less likely that hackers tried to identify users who simply carried out web surfing on ordinary Internet resources using Tor.

The Tor team reports that the attack used special methods of traffic analysis, with which the crackers tried to track the one who was behind traffic. The Tor team noticed suspicious changes at the end of January, but then she considered that this did not create any threat. Recently, patches have been made, designed to close the most obvious holes in security, the Tor team also works on new methods that complicate the analysis and comparison of traffic by crackers.

Who is behind the attack? Surely the Tor team cannot say anything, but the researchers of the University of Carnegie Mellon who promised to perform 6 are called the main assumption—August 7 with a report at the Black Hat conference. In this lecture, we should talk about a practical way in which it is possible without serious resources, to identify hundreds of thousands of Tor network users in a few months. The lecture was canceled for unclear reasons.

If there are truly researchers, and not the special services of any countries or just attackers, then this is the most favorable scenario, regardless of the level of threat of an anonymous network. However, the leading media reported that the US National Security Agency attempted to hack Tor, and recently we wrote about the tender of the Ministry of Defense of the Russian Federation, the purpose of which — Circum protection Tor.


  • The Verge

Leave a Reply

Your email address will not be published. Required fields are marked *