1 min read

Browser Exploit Unmasks Tor Users

Răzvan STOICA

August 06, 2013

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Browser Exploit Unmasks Tor Users

Exploitation code targeting a known bug in the Mozilla browser was found on hidden Tor services hosted by the FreedomHosting company, whose owner is now facing extradition to the United States, where he is apparently being charged with distribution of online child pornography.

The aim of the hack seems to have been to de-anonymize Tor Browser Bundle users who were visiting the compromised services. There is much speculation as to the source of the attack code, but nothing is known with certainty, except that the executable delivered by means of the exploit was “phoning home” to an IP address in the United States. The address’ assignee is not (yet?) known.

The attack was completely automated, all that was required of the victims was to visit one of the compromised sites using a vulnerable browser.

According to the Tor project maintainers, the latest version of the Tor Browser is not vulnerable but users of earlier versions should update at their earliest convenience. Bitdefender has added detection for the exploit.

tags


Author


Răzvan STOICA

Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. Recruited by Bitdefender in 2004 to add zest to the company's online presence.

View all posts

You might also like

Bookmarks


loader