The infamous black market website Silk Road was recently brought down by the FBI. The Silk Road and other deep web/dark web sites were only accessible through the use of Tor, a web browsing-encryption tool.
Tor has long been the standard for avoiding tracking online and spy agency authorities are fully aware of its existence. The Guardian recently revealed that the NSA and GCHQ (the UK’s version of the NSA), have both been attempting to crack the Tor network’s obfuscation techniques and see what users are doing.
So far, these efforts have been totally unsuccessful, which means Tor has stood strong against a full-time assault by some of the world’s top spy agencies.
Unfortunately, the browsers through which you access Tor have not stayed as strong. Apparently, the NSA and GCHQ have found a way to infect Firefox browsers with the Tor plugin installed. Here’s how that trick works:
-The NSA installed rogue code on particular websites, including a widespread infection that took place after the FBI grabbed Darknet servers and installed malicious code on all hosted sites
-When internet users visited these websites, they were infected
-The infection only affected people using the Tor network
-This system was able to identify some Tor traffic and install tracking software on users’ computers
-This exploit worked in Firefox 17, although the Firefox team soon plugged the particular hole the authorities were using
You can read a very in-depth technical discussion of how the attack worked by clicking here to read another The Guardian article.
Apparently, this is more than just a plan. This is a legitimate technique currently being used to identify Tor users. So umm, if you’re a hitman or a drug user who currently performs transactions on Tor, you should be extra careful about the websites you visit.
Fortunately, as it stands now, Tor has not been compromised and the Firefox-browser-with-Tor remains safe to use.