Close Menu
CrafficCraffic
  • Home
  • News
    • Internet
    • Gaming
  • Tech
    • Hardware
    • Gaming Tech
    • Mobile Phones
    • Software
  • Science
    • Astronomy
    • Discoveries
    • Psychology
  • Entertainment
    • Anime
    • Reviews
    • Spotlight
    • WWE
Facebook X (Twitter) Instagram
CrafficCraffic
  • Home
  • News
    • Internet
    • Gaming
  • Tech
    • Hardware
    • Gaming Tech
    • Mobile Phones
    • Software
  • Science
    • Astronomy
    • Discoveries
    • Psychology
  • Entertainment
    • Anime
    • Reviews
    • Spotlight
    • WWE
Facebook X (Twitter) Instagram
CrafficCraffic
Home » Tor browser is struggling with a major security issue
Internet

Tor browser is struggling with a major security issue

Kshitij ThakurBy Kshitij ThakurAugust 11, 2020Updated:August 12, 2020No Comments2 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
tor-browsers
Share
Facebook Twitter LinkedIn Pinterest Email

Since Jan 2020, a mysterious group of cybercriminals has succeeded in adding hundreds of servers to the Tor network, in order to perform SSL stripping attacks on the cryptocurrency community.

According to a report from an independent security researcher Nusenu, who has been monitoring this situation for a number of years.

The mysterious group is so prodigious and persistent in performing their attacks, that by May 2020 the attacks were at their peak. They managed to operate 380malicious Tor exit relays (the servers through which user traffic leaves the Tor network and then accesses the public internet), and which means every single user has a 1 out of 4 chance of being attacked from those dangerous servers.

Tor browser

After all this when alarms were raised by Tor directory authorities, the group still reportedly controls more than 10% of Tor exit relays by now.

SSL Stripping Attacks on BitCoin Community

The researcher Nusenu says the group is performing “person-in-the-middle attacks on Tor users by manipulating traffic as it flows through their exit relays” and that they are specifically targeting those users who are accessing cryptocurrency-related websites while using Tor software or Tor Browser. And the goal of the person-in-the-middle attack is to execute “SSL stripping” attacks by downgrading the user’s web traffic from HTTPS URLs to less secure HTTP alternatives without causing TLS certificate warnings.

Simply the SSL STRIPPING ATTACK is replacing your web traffic from HTTPS-TO-HTTP without causing TLS certificate warnings. Through which the group replaces Bitcoin addresses inside HTTP traffic going to Bitcoin mixing services and funnels all your cryptocurrency payments into their own wallets.

ssl-certificate

Bitcoin mixers services are websites which allow users to send Bitcoin from one address to another by breaking the funds into small sums and transferring them through thousands of intermediary addresses before re-joining the funds at its destination address. By replacing the destination address at the HTTP traffic level, the attackers are effectively hijacking the user’s funds without the users or the Bitcoin mixer’s knowledge.

Solution to This Whole Situation

“The full extent of their operations is still unknown, but one motivation appears to be plain and simple: profit,” Nusenu wrote over the weekend. Tor Browser reportedly lacks ability to verify new relay operators at a sufficient scale, which means there is no immediate resolution right now. However, Nusenu says some countermeasures could be implemented at this point (such as HSTS Preloading or HTTPS Everywhere).

Internet News Tor
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleNvidia announces the 1st of September GeForce event with RTX 3080 rumors abound
Next Article How Video games can teach children Data science
Kshitij Thakur

The heavy Sniper, Kshitij is the marksman of the team Craffic. He joined the team in 2018 and his continuous hard work and dedication to the work has made his precision in work unmatched. Kshitij has experience in editing the work of others to foster stronger bonds with fellow authors and working together to improve each other's work.

Related Posts

Gaming

How good will be Gran Turismo 7’s superhuman AI?

February 12, 2022
Internet

Is Facebook Marketplace Safe For You?

February 2, 2022
Entertainment

Chris Evans is all set to join Dwayne Johnson in Amazon’s holiday film Red One

January 26, 2022
Add A Comment

Leave A Reply Cancel Reply

At Craffic we ensure delivering quality content to our readers as they are giving us their precious time to engage with our content. And Craffic was a vision of a group of school friends and they've made it possible by learning the basics of strategies used in the media culture. ‎ ‎ ‎‎ ‎ ‎

Quick Access
  • About Us
  • Contact us
  • Terms of Use
  • Privacy Policy
Facebook X (Twitter) Instagram Pinterest
© 2025 Craffic. Designed by StackX Solutions.

Type above and press Enter to search. Press Esc to cancel.