Tor browser has major security issues

A group of cybercriminals has successfully smuggled hundreds of additional servers into the privacy-focused Tor Browser network and is using them to launch attacks against the cryptocurrency community. Tor operators have been fighting the hackers since January, according to a report by independent security researcher Nusenu, who has been monitoring the network for several years. At the height of the attack in May, the hackers operated a total of 380 Tor exit relays (the servers that connect the network to the public Internet), meaning each user had a one in four chance of being routed through a dangerous server. Despite three separate attempts to take down the malicious server network after the Tor directory authorities raised alarms, the group still controls more than 10% of exit relays today.

Tor browser security

Having gained a solid foothold on the Tor network, which is widely considered one of the most secure, the hackers have launched targeted attacks against users of cryptocurrency websites. "They perform 'nobody in the middle' attacks on Tor users by manipulating traffic as it flows through their output relays," Nusenu wrote. "They (selectively) remove redirects from HTTP to HTTPS to gain full access to unencrypted HTTP traffic without causing TLS certificate warnings." This type of attack is known as SSL stripping, and it lets malicious actors take advantage of the fact that users rarely type full website URLs (including https://). In this case, the hackers use it to replace bitcoin addresses in unsecured HTTP traffic and funnel cryptocurrency payments into their own wallets. The Tor Browser reportedly does not have the ability to search for new relay operators on a sufficient scale, meaning there is no immediate resolution in sight. However, Nusenu claims to have contacted the cryptocurrency websites used to execute the hijacking attacks, which might choose to implement countermeasures (such as HSTS preloading or HTTPS Everywhere). Tor Browser did not immediately respond to our request for comment.