Last week left cybersecurity nerds scratching their heads after traffic to Tor, the free software suite that enables anonymity online, quintupled in less than a week. It was obviously too good to be true, and now we know why. A Russian botnet is threatening to bring the whole network down.
This is bad news for the anonymous internet. Researchers at Fox IT identified the particular botnet being used by the intruders as either "Mevade.A" or the older "Sefnit." Whatever it's called, the botnet had been communicating in HTTP but recently switched to Tor, where it's "massive in size as well as very widespread," according to the researchers. They're not exactly sure why the botnet is going after Tor but say it's "likely motivated by direct or indirect financial related crime." Regardless of the reasoning behind the attack, it certainly puts users in the Tor network at risk.
A botnet like this can be pretty vicious, and unfortunately for those users, it's not the only attack Tor's faced lately. A little over a month ago, an unknown hacker—read: probably the FBI—hit Tor with malware that threatened to reveal the anonymous users' identities by exploiting a security flaw in the Firefox browser. The incident was linked to the arrest of kiddie porn kingpin Eric Eoin Marques who had recently been arrested in Ireland, and many believed that the Tor intruder was just trying to identify other sickos in the child pornography business. Regardless of the reasoning, though, this kind of exploit is bad news for the anonymous internet.
No comments:
Post a Comment
If you have a comment regarding the post above, please feel free to leave it here.