Tor, the hackers' network, is vulnerable

On April 4, the Mossos d’Esquadra announced that they had launched a denial-of-service attack – popularly known as a DDoS – against RansomHouse’s page on the Tor network, which hosts 4.5 GB of the data stolen from the Clínic hospital in the infiltration that these hackers did on March 5.

One of the things that was surprising was that, until now, DDoS attacks were thought to be impossible on Tor. This network is part of what is known as the dark web, which is estimated to contain 6% of all internet content. To access it you need special software. It is not the only one, but it is the most popular, as there are others such as Freenet and I2P, for example. It should not be confused with the deep web or infranet, which is the part of the internet that is not publicly accessible and that is not indexed, such as all those sites that require a password to access . The infranet is the lion’s share of network content, as it represents 90% of the total.

The network that we all use every day, public and indexed, contains only 4% of the internet’s content. In any case, the big difference with the dark web is the routing system or, what is the same, the way information flows through the network. Tor uses routes between a series of nodes to move the user’s request to the server that contains the information they want to query and from the server to the user. These routes are random both on the way out and on the way back. In addition, the information between the nodes is encrypted and each of the nodes alone knows the next node to send information to, but not what information is being sent or who made the request, or from which server the information is being sent.

This makes Tor a network that ensures the anonymity and privacy of the actors who operate on it. Moreover, the design of its communication protocols is precisely what was believed to make it invulnerable to DDoS attacks. But not anymore.

Tor began to be designed in the mid-1990s at the US Naval Research Lab, when it became clear that the Internet could be used for surveillance and tracking purposes. It was first deployed in October 2002 and since 2006 has been administered by the Tor Project Inc., a non-profit organization. The same one that warned, in February of this year, that something was happening and that “for at least seven months, several different types of continuous DDoS attacks have affected the network. At some points, the attacks affected the network in a manner severe enough that users could not load pages or access services.”

Those responsible for Tor do not provide details of how or who has carried out these attacks or what vulnerability has been exploited, but sources consulted by La Vanguardia talk about the possibility that the attackers have introduced malicious nodes. According to the Stack Overflow site, whose services have also been affected by these attacks, they were received from Tor exit nodes.

In this network, thanks to the anonymity it offers, you can find sites dedicated to the forgery of documents and credit cards, extreme pornography, the sale of weapons and drugs, among many other illegal activities. From this point of view, there are those who may consider it something or desirable that it is more difficult to access this network.

But the same thing that makes this network the ideal haven for cybercriminals – security, anonymity and the difficulty of tracing – makes it ideal for the safe exchange of information. In this sense, Tor is used by the armed forces of the United States and by a lot of activists who work from countries where rights and democracy are in danger.

In this way, in Tor there are services such as Secure Drop, which are used by some media such as The Guardian so that readers can send them information anonymously. Or Global Leaks, which is used by Barcelona City Council with the aim of maintaining an anonymous mailbox so that citizens can report cases of corruption. Also Tails, a Linux distribution designed to preserve privacy, can be downloaded from its website on Tor. During the preparation of the 1-O referendum in Catalonia, some activists used Tails to leave no trace of their teams.

Exit mobile version