Hacking groups have found a way to steal Bitcoin assets by redirecting transactions, taking advantage of vulnerabilities in the Tor network. More and more hacking groups are actively exploiting this opportunity, and the Bitcoin cryptocurrency is being specifically targeted by them.
The Tor Anonymous Network Hacked by Criminals To Steal Bitcoin
Computer criminals are actively hijacking Bitcoin cryptocurrency assets by taking advantage of security weaknesses in the Tor anonymous network. Many transactions that are routed through it can be “redirected” by the criminals, who divert the transaction amount to their own wallets instead of the legitimate receiving party. News of a hacking group that is continuously stealing cryptocurrency assets, and of its methods, was published by nusenu, a security professional.
This is easily done by taking over Tor exit nodes. These are the “faucets” of the network: the gateways through which traffic leaves the anonymous network and enters the wider Internet. By controlling them, the hackers can remove the protective protocols, see the users' data, and modify it.
The main attack method relies on filtering for cryptocurrency-related websites. The most targeted are the Bitcoin mixer services, which are often used by Bitcoin trading parties. These services work by replacing the long Bitcoin addresses in HTTP traffic and redirecting them to the wallets directly, without the users having to provide the address.
These types of attacks are not novel; they have been used in the past. However, the scale of the ongoing attacks is unprecedented. It is speculated that a very large part of the exit nodes are now controlled by different hacking groups: depending on the report, the figures can range anywhere between 10-20% of the whole network.
The Tor anonymous network is known to be used for many criminal activities, including the hosting of illegal content, trading of forbidden goods, and taking orders for hacking sites and companies. For this reason, more and more criminals gather in it, and they now appear to make up a formidable percentage of all users.
A solution has been proposed which should act as a short-term remedy: limiting the number of exit nodes and provisioning “known operators”, those that can prove that they are not hackers by identifying themselves.
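The two effects described above, removed protection and replaced addresses in HTTP traffic, can be checked for by comparing what a trusted path returns with what a given exit relay returns. The following is an added example, not code from nusenu's report or from this article; it assumes that "removing the protective protocols" shows up as a missing HTTP-to-HTTPS redirect, and the site name, addresses and function names are constructed for illustration.

```python
import re

# Address *shapes* only (legacy Base58 and Bech32); no checksum validation.
BTC_ADDR = re.compile(
    r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b")


def redirects_to_https(resp):
    """True if a plain-HTTP response sends the client to an https:// URL."""
    location = resp["headers"].get("location", "")
    return (resp["status"] in (301, 302, 307, 308)
            and location.lower().startswith("https://"))


def audit_exit(reference_http, reference_page, via_exit_http):
    """Compare a trusted observation with what one exit relay returned.

    reference_http: response to http://site/ seen on a trusted path
    reference_page: body of the page the site finally serves over HTTPS
    via_exit_http:  response to http://site/ seen through the exit under test
    """
    findings = []
    # The site upgrades to HTTPS, but through this exit the upgrade vanished.
    if redirects_to_https(reference_http) and not redirects_to_https(via_exit_http):
        findings.append("https-redirect-missing")
    # Addresses shown through the exit that the genuine page never contained.
    expected = set(BTC_ADDR.findall(reference_page))
    seen = set(BTC_ADDR.findall(via_exit_http.get("body", "")))
    if expected and seen - expected:
        findings.append("address-substituted")
    return findings


# Constructed sample data: hypothetical site, made-up addresses.
REF_HTTP = {"status": 301, "headers": {"location": "https://mixer.example/"},
            "body": ""}
REF_PAGE = "<p>Send coins to 1SiteDepositAddrConstructedXXXXXXX</p>"
CLEAN_EXIT = dict(REF_HTTP)
BAD_EXIT = {"status": 200, "headers": {},
            "body": "<p>Send coins to 1SwappedByExitConstructedYYYYYYYYY</p>"}

if __name__ == "__main__":
    print(audit_exit(REF_HTTP, REF_PAGE, CLEAN_EXIT))
    print(audit_exit(REF_HTTP, REF_PAGE, BAD_EXIT))
```

A site operator can remove the plain-HTTP window this check looks at by serving HSTS and getting onto browser preload lists, so the first request already goes out over HTTPS.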