It was only a matter of time. Hackers have compromised the Tor network. Rumors of both Russian and American government interest in breaking the network have circulated for years.
De-anonymizing Tor, an IP obfuscation tool that’s been around since 2002, is something a lot of people talk about, but it has never come to fruition.
In a blog post published online, the Tor team has relayed information about an attack on their system to the public. It’s finally happened. Hackers breached the Tor network earlier this month.
The attack, which the Tor team assumes was an attempt to “de-anonymize users”, seemed to be “partially” successful:
It’s still unclear what “affected” includes. We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic…
In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely.
Run a super sketchy app that cloaks IPs and tries to win contests online? You’re probably not as safe as you might think you are, which shouldn’t be all that surprising.
The attack, which looks like a two-pronged assault on the network, likely “used a combination of two classes of attacks: a traffic confirmation attack and a Sybil attack.”
Since the breach, the Tor team has removed the breached relays and updated their software to patch the holes that hackers used to gain access to the network.
If you operate a Tor relay, you can update your software.
Last year, Edward Snowden’s leaks revealed government groups trying to crack the Tor network. Another government agency also offered up $1.8M in funding to the Tor network to help harden its security and strengthen its defences against attackers.