Home / Software & Gaming / Security / Many Tor sites compromised, including Tormail

Many Tor sites compromised, including Tormail

At least half of all Dark Net websites using the TOR network have been compromised, infected with FBI sanctioned malware that can potentially track a site visitor's IP address and the owner of the Freedom Hosting company that provided a lot of the back end storage for many of the web's underbelly of child pornography sites, has been arrested.

Described by the FBI as the world's biggest proliferator of child porn, FBI arrested Eric Eoin Marques, is currently awaiting a ruling on whether he will be extradited to the United States to face child abuse image distribution charges. He has not been granted bail.

It was his servers that provided the back bone for many TOR accessible “onion” sites, so when the hosting service was compromised, the FBI was able to take advantage. To attempt to identify visitors to these sites, the FBI installed a JavaScript zero-day exploit that creates a cookie that fingerprints the person's browser and then presumably reports that person's IP to the FBI. However, this exploit only works if the person using the TOR browser has JavaScript running while visiting these .onion sites – which is unlikely if they're smart.

If you're good with JavaScript and would like to look at the code in question, this pastebin has it in its entirety.

It is thought that the exploit only affects Windows PCs running a version of Firefox 17.

tor
As long as you use the Tor Browser Bundle and don't use it to visit any public sites, you're probably ok

Normally in situations where child pornographers and its distributors were getting busted, it would be solely cause for celebration. But while it is, there's also a lot of people that are wary of where this crackdown will lead. The TOR network is used for a lot more than just illegal porn. There's also the drugs market SilkRoad, which many believe to be a morally just venture and this in turn is backed by the growth of value in BitCoin, which could also have its future somewhat jeapardised, as without big markets like SR, it would have far fewer avenues for growth.

Looking at the SilkRoad forums, there's much worry among members, but the owner of the site, Dread Pirate Roberts, hasn't responded, other than to ask if anyone knew how the Freedom Hosting provider was tracked down and eventually arrested.

On top of sites like this, many considered TOR a viable way to stay off the radar when it comes to the NSA's PRISM and GCHQ's Tempora schemes, but that seems even less likely now.

KitGuru Says: I'm sure any KG TOR users don't want to out themselves here, but are there any of you that are worried by this news? Or are you simply happy that a Child porn distributor is set to be locked up for a long time?

[Thanks Reddit]

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems.