
Tor vulnerabilities could enable Bitcoin theft on the dark internet

August 12, 2020

According to recently published research, an attacker found vulnerabilities in the Tor browser network that could allow them to steal Bitcoin (BTC) from users. Tor was developed by the United States government for anonymous communication on the Internet and has since been welcomed by data protection officers. Due to its data protection-friendly properties, it is also very popular with the inhabitants of the dark web. Many in the crypto community trust Tor and entrust their Bitcoin transactions to its security and anonymity.

Confirmed malicious Tor exit capacity controlled by a malicious player. Source: nusenu.


However, according to nusenu, who discovered this attack, relying on it may not be a good option. Tor protects the anonymity of its users by relaying data through multiple relays. Tor's exit relays are the final hop in the process and the only ones that can see the actual destination of the Tor user's traffic. Since January, a malicious group has allegedly been operating a large number of Tor exit relays, reaching a maximum of 23% of the total number in May.

The malicious Tor exit relays carried out what is known as a “person in the middle” attack:

“They conduct Tor-in-the-Middle attacks on Tor users by manipulating the traffic that flows through their outbound relays. They remove (selectively) HTTP-to-HTTPS redirects to get full access to HTTP traffic without encryption or to generate TLS certificate warnings.”

This is a known vulnerability for which countermeasures are available. Unfortunately, many website operators do not implement them. According to nusenu, the attackers mainly focused on websites related to cryptocurrency. They would replace the user’s Bitcoin address with one of their own, so the coins would be sent to the attackers’ wallets:

“They seem to be looking mainly for crypto-related websites, that is, several bitcoin blending services. They have replaced bitcoin addresses in HTTP traffic to redirect transactions to their wallets instead of the user specified bitcoin address.”

The number of hacker-controlled relays had dropped to around 10% by August. Although the researcher reported the vulnerability to some affected Bitcoin services, we do not know how much Bitcoin has already been stolen by hackers.
