Sign up for our newsletter
Technology / Cybersecurity

Tor confusion following Interpol strike

The Tor anonymity network is reeling following an international police strike last week against hidden services said to be involved in the distribution of illegal drugs.

Several relays used to mask users were said to have been seized in the raid, while three Tor servers used as "exit nodes" in the network’s infrastructure were taken down.

Writing on their official blog, Tor said: "We do not know why the systems were seized, nor do we know anything about the methods of investigation which were used.

"Tor is most interested in understanding how these services were located, and if this indicates a security weakness in Tor hidden services that could be exploited by criminals or secret police repressing dissents."

White papers from our partners

Initial reports that 400 websites had been taken down were later revised after police realised the figure referred to URLs rather than domains, with the Federal Bureau of Investigation (FBI) telling Forbes the action had in fact brought 27 websites offline.

Tor said that the hidden services might have been decrypted through the exploitation of operational security errors, SQL injection or Bitcoin unmasking, while several attack strategies against the network itself were suggested.

Earlier this year hackers at a Black Hat conference in Las Vegas were due to give a talk about how they had uncloaked Tor users through traffic monitoring, but cancelled at the eleventh hour.

"People suspect that those attacks were carried out by CERT (Computer Emergency Readiness Team) researchers," Tor said.

"While the bug was fixed and the fix quickly deployed in the network, it’s possible that as part of their attack, they managed to deanonymise some of those hidden services."

It added that the "guard node" that is aware of the IP address of a given hidden service might also have been discovered by attackers and exploited to reveal the location of the target.

"In a way, it’s even surprising that hidden services have survived so far," Tor said. "The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."
This article is from the CBROnline archive: some formatting and images may not be present.