Someone is taking over Tor. Since January, a group of hackers has been working tirelessly to hijack the private network, considered one of the most secure in the world, and it currently controls more than 10% of the exit nodes, which allows it to intercept network traffic.
According to a report by the independent security researcher nusenu, who has been monitoring the Tor network for years, more than 23% of the Tor network's exit capacity has been attacking Tor users.
A large-scale attack to steal cryptocurrencies
Nusenu has been warning since December 2019 about the growing problem of malicious relays within the Tor network, but so far this wonderful year it has only gotten worse.
When we use a traditional browser, our computer connects directly to the server of the website that we want to visit through a relatively simple route (PC > ISP router > web server). With Tor that path is much less direct and much more complex: the so-called Onion Routing.
Explained in the simplest possible way, Onion Routing calculates a more or less random route and makes the traffic go through several intermediate nodes, encrypting the message in several layers like those of an onion. Only the last node in the path can decrypt the message from the previous node, and the process is repeated several times.
Every Tor user has had a one in four chance of having their traffic compromised by malicious nodes
The exit nodes or “exit relays” are the last hop in the chain of 3 relays, and they are the only type of relay that gets to see the connection with the real destination chosen by the Tor browser user. It is these nodes that are being attacked. Depending on the protocol used (HTTP vs. HTTPS), the exit node can see and manipulate the content that is transferred.
The Tor network consists of more than 7,000 nodes in its overlay network, and the group of hackers that is attacking it has managed to operate 380 Tor exit nodes, which puts the risk of traffic being compromised at one in four for each Tor user.
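The layered encryption and the exit relay's view of the traffic, as an added sketch that is not from the original article or from the Tor Project. It uses a toy SHA-256 keystream in place of Tor's real circuit cryptography, and the relay names, keys, destination and request are constructed for illustration.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). NOT Tor's real circuit crypto."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)

def wrap(path, keys, destination, payload: bytes) -> bytes:
    """Client side: add one encrypted layer per relay, innermost (exit) first."""
    next_hops = path[1:] + [destination]
    cell = payload
    for relay, nxt in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": nxt, "data": cell.hex()}).encode()
        cell = keystream_xor(keys[relay], layer)
    return cell

def peel(relay, keys, cell: bytes):
    """Relay side: remove exactly one layer with this relay's own key."""
    layer = json.loads(keystream_xor(keys[relay], cell))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, keys, cell: bytes) -> dict:
    """Pass the cell along the path and record what each relay learns."""
    seen = {}
    for relay in path:
        nxt, cell = peel(relay, keys, cell)
        seen[relay] = {"next": nxt, "visible": cell}
    return seen

# Constructed sample data (hypothetical relay names, keys and destination).
PATH = ["guard", "middle", "exit"]
KEYS = {r: hashlib.sha256(b"constructed-key-" + r.encode()).digest() for r in PATH}
DEST = "shop.example"
REQUEST = b"GET /index.html HTTP/1.1"
SITE_KEY = hashlib.sha256(b"constructed-end-to-end-key").digest()  # stands in for TLS

# Same request sent in the clear (HTTP) and under an end-to-end layer (HTTPS).
seen_http = route(PATH, KEYS, wrap(PATH, KEYS, DEST, REQUEST))
seen_https = route(PATH, KEYS, wrap(PATH, KEYS, DEST, keystream_xor(SITE_KEY, REQUEST)))

if __name__ == "__main__":
    for name, seen in (("http", seen_http), ("https", seen_https)):
        for relay in PATH:
            print(name, relay, "->", seen[relay]["next"], seen[relay]["visible"][:24])
```

In the HTTP run the exit relay's visible bytes are the request itself; in the HTTPS run the exit still learns the destination but holds only ciphertext that the site key alone can open.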
Tor has been battling the problem, but despite three separate attempts to get rid of the malicious nodes, the group still controls more than 10% of the exit nodes to this day. The objective seems to be the theft of cryptocurrencies, since hackers have launched attacks targeting users of cryptocurrency websites such as Bitcoin.