Report: Tor Network Users Were Spied On Via Compromised Exit Relays

The Tor anonymity network was reportedly under a continuous large-scale attack in which up to 25% of its exit relay capacity was hijacked. This is according to a report published by cybersecurity researcher and Tor node operator Nusenu.

Malicious Tor Network Servers Spell Doom For Users

The attack, which was reportedly initiated in early 2020 by an unidentified hacker, went undetected for over 16 months. According to the report, users of the Tor network were spied on and might have had their data stolen, because the malicious servers added to the network as exit relays tracked and intercepted crypto-related data.

The Tor Network is open-source software that allows users to anonymize their Internet traffic by sending it through a network of servers operated by volunteers. This is done by directing network traffic through a series of relays to hide a user's IP address, location and usage from surveillance or traffic analysis.

While the middle relays typically receive traffic on the network and pass it along, the exit relay is the final node that Tor traffic passes through before it reaches its destination.

The hacker allegedly took advantage of this design by adding their own malicious nodes to the network, disguised as "exit relays". The plan was to intercept sensitive information, such as crypto addresses in transaction requests made by users, and switch those addresses so that the users' cryptocurrencies were redirected to the hacker's wallets.

The report says the hacker has also recently started modifying downloads made through Tor, but it is unclear to what end or what other techniques they might be using.

Most of the malicious relays have been removed by developers, Nusenu revealed. However, the hacker has not backed down and is still constantly rebuilding their network. By Nusenu's estimates, 10% or even more of Tor's exit relay capacity could still be controlled by the attacker to this day. Nusenu said,

“The recurring events of large scale malicious Tor relay operations make it clear that current checks and approaches for bad-relays detection are insufficient to prevent such events from reoccurring and that the threat landscape for Tor users has changed.”

Cybercriminals Continue to Torment the Tor Network

The Tor network's history with malicious actors is well documented. In December 2019, hackers distributed a compromised version of the official Tor Browser, which had malicious tools to spy on users and steal their Bitcoin.

The scammers had reportedly used forums and the Pastebin website to distribute their offering, targeting Russian-speaking users of the Tor network. The cybercriminals were first documented and exposed by researchers at IT security firm ESET.

Bitcoin Exchange Guide