Stories
Slash Boxes
Comments

SoylentNews is people

Researcher Finds Tor Exit Node Adding Malware to Binaries

posted by azrael on Sunday October 26 2014, @02:26PM   Printer-friendly
from the some-layers-are-rotten dept.

jbWolf writes:

Josh Pitts of Leviathan Security Group has identified a Tor exit node that was actively adding malware to binary files dynamically. He ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack. An article about this can also be found at Threat Post.

 
This discussion has been archived. No new comments can be posted.
Researcher Finds Tor Exit Node Adding Malware to Binaries | Log In/Create an Account | Top | 18 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by Fnord666 on Sunday October 26 2014, @06:15PM

    by Fnord666 (652) on Sunday October 26 2014, @06:15PM (#110286) Homepage

    Whether you operate a Unix-like or an NT system, who browses and/or searches for executables over TOR?

    People who don't want everyone to know which executables they are downloading or using. Say for example people who live in places where the possession of software that might avoid censorship is a crime.

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 2) by frojack on Sunday October 26 2014, @08:29PM

    by frojack (1554) on Sunday October 26 2014, @08:29PM (#110321) Journal

    Agreed, It might be more innocent than that.

    There are some people who run their entire internet access over tor, usually by an external tor appliance between their network and the internet.

    When that happens, machines protected by that appliance will check for updates via tor. All internet access will go via tor.
    They specifically mention windows machines looking for windows updates.

    --
    No, you are mistaken. I've always had this sig.

    • (Score: 2) by urza9814 on Thursday October 30 2014, @06:30PM

      by urza9814 (3954) on Thursday October 30 2014, @06:30PM (#111625) Journal

      Yup. My phone does this. So any apps that are updated are being updated through Tor. I actually did try limiting Tor to specific applications, but I found that didn't work very well, a lot of apps would claim they had no connection at all. But if you do transparent proxying of ALL traffic, they work perfectly.

  • (Score: 0) by Anonymous Coward on Sunday October 26 2014, @09:22PM

    by Anonymous Coward on Sunday October 26 2014, @09:22PM (#110342)

    In some moslem countries you can be imprisoned just for downloading programs they do not approve of

    • (Score: 0) by Anonymous Coward on Sunday October 26 2014, @10:40PM

      by Anonymous Coward on Sunday October 26 2014, @10:40PM (#110364)

      I didn't realize Japan was a moslem country. [bbc.co.uk]