Malicous Tor Nodes Are Becoming More Aggressive

By July 18, 2016 Bitcoin Business
Click here to view original web page at themerkle.com
Themerkle_Malicious Tor Nodes

It appears as if there are malicious tor nodes in the wild, which are designed to spy on darknet sites. Ever since Tor was created, it became apparent keeping the entire network safe at all times would be a monumental task. With users running individual nodes on the network, it is hard to determine what their ulterior motives are.

The Potential Harm in Rogue Tor Nodes

Bad exit nodes on the Tor network are nothing new under the sun, as they have been around for quite some time now. What such a node allows users to do is sniff network traffic routed through these connections. Back in 2014, researchers uncovered a total of 25 different bad nodes, all of which managed to decrypt web traffic.

Interestingly enough, this research also indicated how it appeared Russian entities were involved in setting up these bad Tor nodes. But it looks like exit nodes are not the only types of connections being targeted. Ordinary nodes can show malicious behavior as well, which makes Tor traffic less private than it is supposed to be.

So far, there have been over 100 regular Tor nodes identified as acting maliciously. Do keep in mind this is still a small number compared to the over 3,100 modes using the HSDir flag. What such as HSDir flag does is allow for removing the logging of services themselves, as well as ensure deep web addresses remain undiscovered.

But as it turns out, there are a fair few service directories spying on deep web sites. So-called “honeypots” do not appear malicious from the outside, albeit they will ensure website traffic is logged. With this information, honeypot owners can identify addresses websites which are not found through conventional means.

But these nodes can be far more dangerous than just acting as a directory filled with log files. Several nodes were identified to be aggressively probing the Tor network. It is not unlikely the node owners use various exploits to take over particular services. It is possible the majority of these malicious Tor nodes belong to law enforcement agencies, albeit that cannot be concluded with absolute certainty at this stage.

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.

Bad exit nodes on the Tor network are nothing new under the sun, as they have been around for quite some time now. What such a node allows users to do is sniff network traffic routed through these connections. Back in 2014, researchers uncovered a total of 25 different bad nodes, all of which managed to decrypt web traffic.

Interestingly enough, this research also indicated how it appeared Russian entities were involved in setting up these bad Tor nodes . But it looks like exit nodes are not the only types of connections being targeted. Ordinary nodes can show malicious behavior as well, which makes Tor traffic less private than it is supposed to be.

So far, there have been over 100 regular Tor nodes identified as acting maliciously. Do keep in mind this is still a small number compared to the over 3,100 modes using the HSDir flag. What such as HSDir flag does is allow for removing the logging of services themselves, as well as ensure deep web addresses remain undiscovered.

But as it turns out, there are a fair few service directories spying on deep web sites. So-called “ honeypots ” do not appear malicious from the outside, albeit they will ensure website traffic is logged. With this information, honeypot owners can identify addresses websites which are not found through conventional means.

But these nodes can be far more dangerous than just acting […]

Leave a Reply