The cryptosphere’s new kryptonite – Many bitcoin users rely on the Tor network to anonymize and secure their transactions. Unfortunately, it appears that an attacker is specifically targeting these users with modified Tor nodes, causing significant bitcoin losses.
Tor: the Scapegoat for Cryptocurrencies
Tor is open-source software that enables secure Internet connections by using a network of nodes whose sole purpose is to relay communications. As a result, it essentially serves as a VPN for users.
In practice, a user routes packets over the Tor network to the destination site, so the destination site never learns the user’s IP address. This is made possible by the software’s onion routing, which allows the data to be encrypted at each transit node. In the end, each node knows only the address of the next node.
The researcher said at the time that the attacker managed to flood the Tor network with malicious Tor exit relays three times, with the attack infrastructure peaking at about 23 percent of the whole Tor network’s exit capacity before being shut down by the Tor team on each occasion.
However, an Attack Was Successful
According to a two-part analysis published by the researcher Nusenu, an attacker used Tor to steal cryptocurrency throughout 2020. To carry out the theft, the attacker set up a huge number of exit relay nodes on the network, which are the last nodes to handle messages before passing them back to the “regular” network.
Using a modified version of these nodes’ code, the attacker targeted traffic destined for cryptocurrency-related sites and replaced the destination bitcoin address with his own.
“It seems that they mainly go after cryptocurrency-related websites, namely several bitcoin mixing services. They replaced bitcoin addresses in HTTP traffic to redirect transactions to their wallets instead of the user-provided bitcoin address.”
The first section of Nusenu’s study report
Tor’s developers repeatedly took the attacker’s nodes down in response to this attack. Unfortunately, the attacker refused to give up. According to the research, the attacker controlled up to 27% of the exit relay nodes in February 2021.
Although more than 1,000 servers have been taken down, Nusenu claims that as of May 5, 2021, the attacker still controls between 4% and 6% of the whole Tor network’s exit capacity, with SSL stripping operations still underway.
Furthermore, Nusenu stated that the attacker appears to have been interfering with downloads after performing SSL stripping attacks since last year. However, it is unclear what precisely they are tampering with or whether the attacker is using other approaches.
In August 2020, the Tor Project published a number of suggestions on how website operators and Tor Browser users should defend themselves against these sorts of attacks. Users who use the Tor Browser to access bitcoin or other financial websites should follow those recommendations.
Tor is a decentralized network that encrypts users’ web traffic and routes it via a number of relays before it reaches its final destination.
Furthermore, unlike the blockchain, Tor is not totally open, allowing any service to be created on top of it. Tor is a three-hop proxy (when Tor sends a request, it passes through 3 nodes of the Tor network). Its network has two primary server roles; the relay server is one of them.
The Tor Project, Inc. is a 501(c)(3) research-education nonprofit corporation located in Seattle that was formed by computer scientists Roger Dingledine, Nick Mathewson, and five others. The Tor Project is largely responsible for the upkeep of the Tor anonymity network’s software.