Tor network users may have been identified by hackers


The anonymous internet network Tor has been hacked, allowing an unknown person or persons to track user information.

Tor is designed to protect the identity of users by distributing commands around the globe, rather than in the user's location. People who need to protect their identity, such as human rights activists and criminals, commonly use the service to try and evade government tracking.

However, it has been revealed by German media the NSA has logged the identity of many of its users living outside of the United States in the past.

The network said in a blog post, alerting users to the issue: "While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected."

It also said it doesn't know how many users of the service were affected.

Amichai Shulman, CTO of Imperva says such services are often used and abused by pirates and hardened criminals who use it to hide child pornography, drug trafficking and terrorism activities.

He said: "This in turn makes the Tor network a target for all intelligence agencies as well as some domestic security organizations. I suspect the reported attack, targeted mostly at people who operate and access Tor hidden service, is of that origin."

Fred Touchette, manager of security research at AppRiver, explained the hacker may have seen the fact the service is trying to keep people anonymous as a challenge.

"Ever since its conception people have been trying to find a way to de-anonymize the users of Tor. Oftentimes this was done to make it a stronger network and repair its issues, but other times it was in order to out its users," he said.

"One such situation comes to mind and that's the take down of The Silk Road. The Feds spent plenty of time trying to crack the code before they were able to simply take control of the servers that hosted the site."

Tor has advised its users to download and install the latest version of the software, which includes a patch for a vulnerability discovered by Carnegie Mellon University.

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.