Tor Project removes relays because of for-profit, risky activity

The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and security of all Tor network users. Tor network relays are routing points that help anonymize the original traffic source through the Tor network by receiving and passing on encrypted data to the next node. They are operated by volunteers and enthusiasts passionate about privacy, security, anonymity, and freedom of information on the internet. Tor Project discovered that some relay operators engaged in a high-risk, for-profit cryptocurrency scheme that promised monetary gains with cryptocurrency tokens without endorsement or approval of The Tor Project. "We consider these relays to be harmful to the Tor network for a number of reasons, including that certain of the relays do not meet our requirements, and that such financial schemes present a significant threat to the network's integrity and the reputation of our project as they can attract individuals with malicious intent, put users at risk, or disrupt the volunteer-driven spirit that sustains the Tor Community." - Tor Project. Many of the operators whose relays were disconnected put themselves at risk by not being aware of the project they were contributing to. Others were running the relays in unsafe or high-risk regions. Removing the relays from the network sparked many discussions in the community around relay policies and what constitutes a violation, so the Tor team shed some light about their decision. Operating relays for profit goes against the noble-spirited principle of volunteers fighting internet censorship and pervasive surveillance, which sustains and powers the community. If the "For-profit" element is to take scale and consume a large percentage of the Tor network's relays, power from the community would fall into dubious hands, and the network's safety would be undermined by invasive centralization. BleepingComputer has contacted The Tor Project for more details about the removed relays and the risks they posed to the network but did not receive a reply. A user commenting under Tor's post claims that the blocked relays are linked to ATor, and their number is nearly a thousand. According to the service's site, "ATOR empowers decentralized internet relay operators through on-chain rewards, and facilitates wider provision of open and anonymous protocols through hardware." Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits. Fraudsters make $50,000 a day by spoofing crypto researchers. Ethereum feature abused to steal $60 million from 99K victims. Microsoft: BlueNoroff hackers plan new crypto-theft attacks. New macOS 'KandyKorn' malware targets cryptocurrency engineers.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Tor Project removes relays because of for-profit, risky activity

Tor Project removes relays because of for-profit, risky activity - The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and security of all Tor network users. Tor network relays are routing points that help anonymize the original traffic source ...
11 months ago Bleepingcomputer.com
CVE-2021-22283 - Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB ...
1 year ago
Tor vs. VPN: What They Do and Which is Better - The Tor browser is a tool that anyone can download for Linux, Mac, Windows and mobile devices. The Tor browser is primarily used to protect your identity online. Tor also protects your online privacy by preventing websites and services from tracking ...
11 months ago Pandasecurity.com
Tor University Challenge: First Semester Report Card - In August of 2023 EFF announced the Tor University Challenge, a campaign to get more universities around the world to operate Tor relays. The primary goal of this campaign is to strengthen the Tor network by creating more high bandwidth and reliable ...
11 months ago Eff.org
Tor's new WebTunnel bridges mimic HTTPS traffic to evade censorship - The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting the Tor network by hiding connections in plain sight. Tor bridges are relays not listed in the public Tor directory that keep ...
8 months ago Bleepingcomputer.com
The Tor Network is Being Attacked Continuously by DDoS - The Tor Project recently revealed that its network has been under attack from Distributed Denial-of-Service (DDoS) attacks for the past seven months. This has caused issues with network connectivity and performance, making it difficult for users to ...
1 year ago Hackread.com
The Tor Network Has Been Experiencing Distributed Denial of Service Attacks for Seven Months - For the past seven months, the Tor anonymity network has been the target of multiple distributed denial-of-service (DDoS) attacks, its maintainers reported this week. These attacks have been so severe that users have been unable to access pages or ...
1 year ago Securityweek.com
Russian pleads guilty to running crypto-exchange used by ransomware gangs - Russian national Anatoly Legkodymov pleaded guilty to operating the Bitzlato cryptocurrency exchange that helped ransomware gangs and other cybercriminals launder over $700 million. As a Bitzlato co-founder and principal stakeholder, Legkodymov has ...
11 months ago Bleepingcomputer.com
$25M gone in 12 seconds! Brothers accused of Ethereum heist The Register - These transactions are grouped onto blocks that are chained together, hence the name. As the name suggests, validator bots attest that proposed blocks of Ethereum transactions are valid and send those blocks to a committee of fellow validators to ...
6 months ago Go.theregister.com
Samsung 'Sees Fourth-Quarter Chip Rebound' - Analysts expect Samsung to show lowest profit drop in six quarters in latest sign of semiconductor market recovery. Samsung Electronics is expected to report a smaller drop in profits than has become usual over the past year and a half, in the latest ...
10 months ago Silicon.co.uk
Tor Browser 13.5.6 Released - What's New! - For Windows, macOS, and Linux users, Firefox has been updated to 115.16.0esr, with additional fixes like removing the hash check on updates (bug tor-browser#42737) and implementing the YEC 2024 Takeover for Desktop Stable (bug tor-browser#43098). The ...
1 month ago Cybersecuritynews.com
Tor Browser 13.5.6 Released - What's New! - GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, ...
1 month ago Gbhackers.com
Hijacking Your Bandwidth How Proxyware Apps Open You Up to Risk - Is this true? To examine and understand the kind of risks a potential user might be exposed to by joining such programs, we recorded and analyzed network traffic from a large number of exit nodes of several different network bandwidth sharing ...
1 year ago Trendmicro.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
CVE-2006-4508 - Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service ...
7 years ago
A Series of Distributed Denial of Service Attacks Targeting Tor and I2P Networks - Recently, many people have been having issues with Tor network connectivity and performance, such as onion and i2p sites loading slower or not loading at all. Tor Projects Executive Director Isabela Dias Fernandes revealed that a wave of distributed ...
1 year ago Bleepingcomputer.com
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
11 months ago Bleepingcomputer.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Why the Keitaro TDS keeps causing security headaches - A software company named Keitaro has long been labeled by cybersecurity vendors as a legitimate traffic distribution system vendor, yet the company's product is repeatedly used for malicious activity by cybercriminals. Despite being described as a ...
7 months ago Techtarget.com
Azure Serial Console Attack and Defense - This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders' preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various ...
11 months ago Msrc.microsoft.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com
Dev rejects CVE severity, makes his GitHub repo read-only - Fedor Indutny, due to a CVE report filed against his project, started getting hounded by people on the internet bringing the vulnerability to his attention. In recent times, open-source developers have been met with an uptick in receiving debatable ...
4 months ago Bleepingcomputer.com
CVE-2021-33719 - A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). ...
2 years ago
CVE-2021-33720 - A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)