Tor is a tool that protects your identity while browsing the internet. While it is known as the ‘Darknet’ by some due to how it can be used to distribute pornographic and child abuse images, the main purpose of this project is to give people freedom of speech without having to identify themselves – particularly those in politically unstable countries. And Tor is used by many people around the world to anonymously surf the web.
Now, however, it is being reported that malware is specifically targeting Tor users.
On Sunday, Tor reported that there was a malware attack “which was carried out by exploiting a vulnerability in some versions of Mozilla Firefox”:
“The vulnerability allowed a malicious piece of JavaScript code to be injected into Freedom Hosting’s servers, and start feeding information back to a remote webserver. The perpetrators of the attack are not known.”
(Freedom Hosting is a company that has specialized services to host/run Tor.)
The attack that took advantage of “vulnerability in the Windows version of the Firefox Extended Support Release 17 browser” which was used in Tor Bundle Brower (TBB). Although this vulnerability “had been patched by Firefox” back in June, TBB version of Firefox doesn’t support automatic updates so users with old versions may not have been protected if they hadn’t upgraded manually.
This time only Windows users were affected, but this doesn’t mean that Linux and Mac OS X users couldn’t be targeted in the future.
Because of this new malware, Windows users are being strongly recommended by Tor and security experts to switch to either Linux or Mac OS X:
“Really, switching away from Windows is probably a good security move for many reasons.”
For those who want to remain on Windows, you should update Firefox, switch off JavaScript, and upgrade Tor to the latest version but be were warned that certain websites may not be accessible due to lack of JavaScript.
It is believed that the creator of the malware may have been the FBI or “a law enforcement agency” in the U.S. because the malware does nothing but collect user data including hostname and MAC address of victims’ computer, and it also coincides with the owner of Freedom Hosting, Eric Eoin Marques, getting arrested for being the largest distributor of child pornography. According to the Irish Independent, he is currently being held by the Irish authorities and is waiting to be pending to be extradited to the U.S.
How many dotTechies use Tor? Let us know in the comments below!
[via Telegraph UK, The Tor Blog, Irish Independent, image via CBC]