According to one cybersecurity researcher, a new vulnerability in the privacy browser named Tor has allowed the hackers to access the users’ Bitcoin funds but instead use the additional features that can help avoid those concerns.
Encryption activated
The CEO and founder of the international enterprise security firm Mana Security, Tim Ismilyaev, saying that although the crypto traders “use Tor to overcome government censorship, the resulting anonymity ensures that third parties can’t track you when you’re browsing the net.”
Referring to earlier research in the previous month saying that Bitcoin users and traders who access the Tor network will face an increased risk of their funds that got lost to hackers. This was probable as hackers can manipulate traffic and then launch a “man in the middle” attack to redirect the users to a malicious website.
According to Ismilyaev, Tor’s design is not without weaknesses; he further explains that “User traffic has to pass through several routers and go through an “exit node” before reaching the supposed destination.”
It means that the crypto platforms have also become a target. Ismilyaev continued, “Exit nodes can be abused by a malicious party, making attacks on cryptocurrency websites also possible.”
But it does not mean that users must abandon the Tor usage, Ismilyaev elaborated:
“So my suggestion is to configure the “HTTPS Everywhere” extension of Tor Browser. Just turn on the “Encrypt All Sites Eligible” setting, and it would block any accident attempts to use unencrypted websites.”
He also added that such events equally help solve this concern risks damaging Tor’s users or the secrecy of people owning the exit nodes.
The vulnerability of Bitcoin-Tor
“Nusenu,” a pseudonymous researcher, has singled out in August the Tor users that were being exposed to online attackers and hackers, the latter made use of the network’s nodes to make the malicious attacks.
The researcher said that a malicious party had begun to run many Tor exit relays, peaking at 23% early this year. They also added that it was a “known vulnerability,” but website operators have failed to implement the features and numerous available countermeasures.
They also noted that the attackers were mainly focused on the cryptocurrency-related sites and platforms, then replacing a user’s Bitcoin address and then pocketing the funds once a victim’s relocation went through. The report stated:
“It appears that they are primarily after cryptocurrency-related websites — namely multiple bitcoin mixer services. They replaced bitcoin addresses in HTTP traffic to redirect transactions to their wallets instead of the user-provided bitcoin address.”
Luckily, as Nusenu says, the number of hacker-controlled relays went down to “about 10% as of August.” Nevertheless, it is still unknown how much Bitcoin has already been tapped off by bad actors using the method this year.
No Comment