SoylentNews is people
SoylentNews
Josh Pitts of Leviathan Security Group has identified a Tor exit node that was actively adding malware to binary files dynamically. He ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack. An article about this can also be found at Threat Post.
This discussion has been archived.
No new comments can be posted.
Researcher Finds Tor Exit Node Adding Malware to Binaries
|
Log In/Create an Account
| Top
| 18 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Stop me, before I kill again!
(Score: 2) by frojack on Sunday October 26 2014, @08:29PM
Agreed, It might be more innocent than that.
There are some people who run their entire internet access over tor, usually by an external tor appliance between their network and the internet.
When that happens, machines protected by that appliance will check for updates via tor. All internet access will go via tor.
They specifically mention windows machines looking for windows updates.
No, you are mistaken. I've always had this sig.
(Score: 2) by urza9814 on Thursday October 30 2014, @06:30PM
Yup. My phone does this. So any apps that are updated are being updated through Tor. I actually did try limiting Tor to specific applications, but I found that didn't work very well, a lot of apps would claim they had no connection at all. But if you do transparent proxying of ALL traffic, they work perfectly.