The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and security of all Tor network users. Tor network relays are routing points that help anonymize the original traffic source through the Tor network by receiving and passing on encrypted data to the next node. They are operated by volunteers and enthusiasts passionate about privacy, security, anonymity, and freedom of information on the internet. Tor Project discovered that some relay operators engaged in a high-risk, for-profit cryptocurrency scheme that promised monetary gains with cryptocurrency tokens without endorsement or approval of The Tor Project. "We consider these relays to be harmful to the Tor network for a number of reasons, including that certain of the relays do not meet our requirements, and that such financial schemes present a significant threat to the network's integrity and the reputation of our project as they can attract individuals with malicious intent, put users at risk, or disrupt the volunteer-driven spirit that sustains the Tor Community." - Tor Project. Many of the operators whose relays were disconnected put themselves at risk by not being aware of the project they were contributing to. Others were running the relays in unsafe or high-risk regions. Removing the relays from the network sparked many discussions in the community around relay policies and what constitutes a violation, so the Tor team shed some light about their decision. Operating relays for profit goes against the noble-spirited principle of volunteers fighting internet censorship and pervasive surveillance, which sustains and powers the community. If the "For-profit" element is to take scale and consume a large percentage of the Tor network's relays, power from the community would fall into dubious hands, and the network's safety would be undermined by invasive centralization. BleepingComputer has contacted The Tor Project for more details about the removed relays and the risks they posed to the network but did not receive a reply. A user commenting under Tor's post claims that the blocked relays are linked to ATor, and their number is nearly a thousand. According to the service's site, "ATOR empowers decentralized internet relay operators through on-chain rewards, and facilitates wider provision of open and anonymous protocols through hardware." Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits. Fraudsters make $50,000 a day by spoofing crypto researchers. Ethereum feature abused to steal $60 million from 99K victims. Microsoft: BlueNoroff hackers plan new crypto-theft attacks. New macOS 'KandyKorn' malware targets cryptocurrency engineers.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000