Industry News

Browser Exploit Unmasks Tor Users

Exploitation code targeting a known bug in the Mozilla browser was found on hidden Tor services hosted by the FreedomHosting company, whose owner is now facing extradition to the United States, where he is apparently being charged with distribution of online child pornography.

The aim of the hack seems to have been to de-anonymize Tor Browser Bundle users who were visiting the compromised services. There is much speculation as to the source of the attack code, but nothing is known with certainty, except that the executable delivered by means of the exploit was “phoning home” to an IP address in the United States. The address’ assignee is not (yet?) known.

The attack was completely automated, all that was required of the victims was to visit one of the compromised sites using a vulnerable browser.

According to the Tor project maintainers, the latest version of the Tor Browser is not vulnerable but users of earlier versions should update at their earliest convenience. Bitdefender has added detection for the exploit.

About the author


Razvan Stoica is a journalist turned teacher turned publicist and
technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking.

Razvan Stoica started off writing for a science monthly and was the chief
editor of a science fiction magazine for a short while before moving on to
the University of Medicine in Bucharest where he lectured on the English
language. Recruited by Bitdefender in 2004 to add zest to the company's
online presence, he has fulfilled a bevy of roles within the company since.

In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.