Tor network under attack
Posted by: Jon Ben-Mayor on 12/23/2014 10:24 AM
[
Comments
]
On Friday, Tor warned users of an up and coming attack that may attempt the seizure of specialized servers in the network called directory authorities. (Directory authorities help Tor clients learn the list of relays that make up the Tor network.)
The release goes on to say that Tor was taking steps to thwart the potential attack and stresses that the system is already "built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use." But that status appears to have changed since the Friday post.
According to the Hacker News, Thomas White (@CthulhuSec), an operator of a large cluster of servers providing an exit point for Tor traffic in the Netherlands, warned of a suspicious activity overnight on the servers. The targeted servers, according to DNS data, were hosted in a data center in Rotterdam.
"I have now lost control of all servers under the ISP and my account has been suspended," White wrote on Sunday in an update on the Tor mailing list. "Having reviewed the last available information of the sensors, the chassis of the servers was opened and an unknown USB device was plugged in only 30-60 seconds before the connection was broken. From experience I know this trend of activity is similar to the protocol of sophisticated law enforcement who carry out a search and seizure of running servers."
One anonymous (of course) poster gave this warning on the Tor page: Yes, my inside sources have informed me that the FBI is planning to take down parts of the Tor network as part of the investigation into the source of the Sony hack by North Korean sympathizers.
If you use Tor - you may want to note and temporarily avoid the affected mirrors below:
https:// globe.thecthulhu. com
https:// atlas.thecthulhu. com
https:// compass.thecthulhu. com
https:// onionoo.thecthulhu. com
http:// globe223ezvh6bps. onion
http:// atlas777hhh7mcs7. onion
http:// compass6vpxj32p3. onion
77.95.229.11
77.95.229.12
77.95.229.14
77.95.229.16
77.95.229.17
77.95.229.18
77.95.229.19
77.95.229.20
77.95.229.21
77.95.229.22
77.95.229.23
77.95.224.187
89.207.128.241
5.104.224.15
128.204.207.215
The release goes on to say that Tor was taking steps to thwart the potential attack and stresses that the system is already "built to be redundant so that users maintain anonymity even if the network is attacked. Tor remains safe to use." But that status appears to have changed since the Friday post.
According to the Hacker News, Thomas White (@CthulhuSec), an operator of a large cluster of servers providing an exit point for Tor traffic in the Netherlands, warned of a suspicious activity overnight on the servers. The targeted servers, according to DNS data, were hosted in a data center in Rotterdam.
"I have now lost control of all servers under the ISP and my account has been suspended," White wrote on Sunday in an update on the Tor mailing list. "Having reviewed the last available information of the sensors, the chassis of the servers was opened and an unknown USB device was plugged in only 30-60 seconds before the connection was broken. From experience I know this trend of activity is similar to the protocol of sophisticated law enforcement who carry out a search and seizure of running servers."
One anonymous (of course) poster gave this warning on the Tor page: Yes, my inside sources have informed me that the FBI is planning to take down parts of the Tor network as part of the investigation into the source of the Sony hack by North Korean sympathizers.
If you use Tor - you may want to note and temporarily avoid the affected mirrors below:
https:// globe.thecthulhu. com
https:// atlas.thecthulhu. com
https:// compass.thecthulhu. com
https:// onionoo.thecthulhu. com
http:// globe223ezvh6bps. onion
http:// atlas777hhh7mcs7. onion
http:// compass6vpxj32p3. onion
77.95.229.11
77.95.229.12
77.95.229.14
77.95.229.16
77.95.229.17
77.95.229.18
77.95.229.19
77.95.229.20
77.95.229.21
77.95.229.22
77.95.229.23
77.95.224.187
89.207.128.241
5.104.224.15
128.204.207.215
Comments
