Tor security relies on the low chance of attackers controlling multiple Tor relays, but notable breaches occurred in 2014 and 2020. Key incidents include traffic confirmation and Sybil-style relay deployments that compromised a portion of the network, emphasizing ongoing risks and the need for vigilance and configuration best practices.
Hashtags: #TorSecurityAdvisory #RelayEarly #SSLStrip #GuardRelays #ExitRelays
Key points
- In 2014, attackers deployed many relays to deanonymize hidden services and users for over five months.
- The 2014 attack combined a traffic confirmation method with a Sybil attack affecting about 6.4% of Guard capacity.
- In 2020, attackers controlled roughly 20% of exit relay capacity and targeted unencrypted HTTP traffic to intercept data.
- Around 23% of exit capacity was malicious in May 2020, followed by another ~19% in June 2020, prompting shutdowns.
- Ongoing defense relies on nine hard-coded Directory Authority nodes, consensus-based trust, and continuous monitoring for anomalous relays.
Read More: https://deepweb.net/blog/newest/attacks-against-tor-relays