Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Researchers discover Spoiled Onions: Evil Tor exit relays spying on Facebook users

Ms Smith (Network World) | Jan. 23, 2014
First Microsoft remotely deleted Tor from 2 million PCs to takedown the Sefnit botnet, then researchers found a few malicious exit relays running in Russia for MitM attacks.

Finding 25 malicious exit relays in four months "really isn't a lot," the researchers pointed out. So Tor users, try not to freak out. They advised that if you see a warning about a potential attack, don't blow it off. "The important thing to remember is: if that happens when you go to Facebook, Twitter, or your favorite web site, you really shouldn't ignore the warning and try to log in. Otherwise, somebody might have just gotten your password."

Lastly, in Spoiled Onions [pdf], researchers Lindskog and Winter wrote:

To make the Tor network safer, we first developed exitmap; an easily extensible scanner which is able to probe exit relays for a variety of MitM attacks. Furthermore, we developed a set of patches for the Tor Browser Bundle which is capable of fetching self-signed X.509 certificates over different network paths to evaluate their trustworthiness. We believe that by being armed with these two tools, the security of the Tor network can be greatly increased. Finally, all our source code is freely available:

The Spoiled Onion research is fairly complex and you might like to read it in full here [pdf]. Personally, I still recommend using Tor to help protect your privacy.

Source: Network World


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.