Massive TOR Hidden Service Compromise

It was announced today on Twitter that one of the major "hidden services" hosting companies has been delivering malicious content, and that the hosted sites were shut down after a raid by law enforcement.

Supposedly, the compromised services include "TorMail", which provides anonymized email services.

If TorMail has been compromised, this could have broader-reaching effects, including giving the FBI and Interpol the ability to directly access associated accounts outside of Tor hidden services. It would then be easy for the authorities to request from associated websites a log of associated IP addresses.

This spells bad news for anyone who uses Tor for illegal purposes, and a major win for the law enforcement community.

NOTE: You can view deobfuscated versions of the malicious code at my Malware Analysis Google Code site: https://code.google.com/p/caffsec-malware-analysis/source/browse/trunk/TorFreedomHosting/
