The Tor Project has responded to recent reports that law enforcement agencies in Germany have successfully infiltrated the Tor network to unmask criminals, stating that “Tor users can continue to use Tor Browser to access the web securely and anonymously.”
An investigative report by German media outlets Panorama and STRG_F revealed that German police had surveilled Tor servers for months, using timing analysis techniques to deanonymize users of darknet sites.
The report claimed this led to the identification and arrest of an administrator of a pedophile forum.
In response, the Tor Project acknowledged that one user of an outdated application called Ricochet was likely deanonymized through a “guard discovery attack.” However, they emphasized that this vulnerability has since been patched in current versions of Tor software.
Decoding Compliance: What CISOs Need to Know – Join Free Webinar
“For the great majority of users worldwide that need to protect their privacy while browsing the Internet, Tor is still the best solution for them,” the Tor Project stated.
They encouraged users to keep their software up-to-date to benefit from the latest security improvements.
The organization noted that the reported attacks occurred between 2019-2021, and that since then they have implemented new processes to identify and remove potentially malicious relays from the network.
They also highlighted that the number of exit nodes has increased significantly in recent years, improving the network’s speed and capacity.
However, the Tor Project expressed frustration at not being given full access to details of the reported attacks. They have called for anyone with additional information to contact them securely to help assess any remaining vulnerabilities.
While acknowledging the potential for misuse, the Tor Project defended the importance of online anonymity tools, stating: “Tor is one of the few alternatives that provide a vision and actionable model for a decentralized Internet that make this sort of attack impractical for those who seek to surveil a large portion of internet users.”
The organization encouraged volunteers to contribute bandwidth and relays to further strengthen and diversify the Tor network against potential attacks or surveillance efforts.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial