The Tor Project has warned users about a subtle attack aimed at partially uncloaking their activities on the anonymising network.
The attack, which ran from late January until early July, when it was thwarted, bears hallmarks attributed to a an attack slated for description in a cancelled Black Hat conference presentation.
However, there's been no confirmation of this from the Carnegie-Mellon University team behind the cancelled Black Hat talk, so this crucial point remains unclear.
The university pulled the hotly anticipated talk on the advice of its lawyers and the researchers behind it have been silent ever since.
The Tor Project has removed the attacking relays from its network as well as pushing out software node and client updates to prevent the same type of attack from happening again. A lot of questions remain unanswered for now, but the developers behind the anonymisation network have at least been able to put together a broad overview of what seems to have happened, as explained in an advisory (extract below).
On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks.
The attacking relays joined the network on January 30 2014, and we removed them from the network on July 4. While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected.
Unfortunately, it's still unclear what "affected" includes. We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up).
The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service. In theory the attack could also be used to link users to their destinations on normal Tor circuits too, but we found no evidence that the attackers operated any exit relays, making this attack less likely.
News about the new attack - which may be related to security research - comes days after the Russian government set a $110,000 bounty for cracking Tor. Anonymous internet usage in Russia is surging and the Russian Interior Ministry is looking for partners skilled enough to decipher information about users on the network. Only those accredited to work on government projects need apply.
Lance Cottrell, founder and chief scientist Anonymizer.com (an “anonymiser” that precedes the Tor project), said the vulnerability at the heart of the attack was typical of its type.
“This is just another vulnerability that allows hostile Tor node operators to compromise user anonymity. It's inevitable given the architecture," Cottrell said. "Tor attempts to improve user privacy by having a large number of volunteers running their servers, and sending traffic through chains of three servers so no one person need be trusted.
“Unfortunately anyone can set up servers, and well funded attackers could set up large numbers of them. Using vulnerabilities in the Tor protocol and modified servers these attackers have and will continue to be able to unmask Tor users and hidden Tor services," he added.
The more servers an attacker owns, the greater the potential for a successful attack, the privacy expert added.
“Tor generally chooses its chains of servers randomly. If an attacker controls a large number of servers, then there is a reasonable chance that they will control both the first and last server in the chain. This allows them to quickly identify traffic flowing through Tor and connect the users with their activity.
“The last Tor node in the chain can see the direct connection to websites. If those connections are insecure or vulnerable, the attacking exit node can modify the content to send malware or trackers to the user," he concluded. ®