Stories
Slash Boxes
Comments

SoylentNews is people

Researcher Finds Tor Exit Node Adding Malware to Binaries

posted by azrael on Sunday October 26 2014, @02:26PM   Printer-friendly
from the some-layers-are-rotten dept.

jbWolf writes:

Josh Pitts of Leviathan Security Group has identified a Tor exit node that was actively adding malware to binary files dynamically. He ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack. An article about this can also be found at Threat Post.

 
This discussion has been archived. No new comments can be posted.
Researcher Finds Tor Exit Node Adding Malware to Binaries | Log In/Create an Account | Top | 18 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by urza9814 on Thursday October 30 2014, @06:27PM

    by urza9814 (3954) on Thursday October 30 2014, @06:27PM (#111623) Journal

    Theoretically, you could capture an entire binary in-transit and patch it within the network

    Not unless you can break the encryption...

    Your requests and data -- including metadata like destination IP address -- are encrypted all the way from the source node to the exit node. The reason almost all attacks on Tor traffic are being done by the exit node is because that's the only place where you can get the request unencrypted.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2