Everyone can crack Tor for $ 3000

    “You don't have to be an NSA to hack Tor. Budget way to deanonymize ” - two hackers formulated the topic of their report and promised a month later at the Black Hat 2014 conference to demonstrate how, having“ a handful of powerful servers and a couple of gigabit connections ”available, you can attack Tor using“ basic vulnerabilities in design and implementation network ".

    Speakers will present a dozen cases: from seizing control of a botnet to exposing sites with child pornography and drug trafficking.

    Prior to this, it was believed that large organizations could do it, and after the discharge of Snowden, the NSA's successes in this field became known. A report stating that the NSA was monitoring two German Tor servers.

    At the CCS 2013 conference, a team of researchers from the Naval Research Laboratory led by Aaron Johnson published the article “Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries” . They also developed Tor Path Simulator to analyze traffic correlation and simulate path selection, which allows Tor users to be identified with 95% accuracy.



    Alexander VolynkinResearcher at CERT Cyber ​​Security Solutions. He conducts research in the field of network security, malware behavior analysis, advanced reverse engineering techniques, and cryptanalysis. Alexander is the author of several scientific publications, books on the analysis of malware behavior, and the author of a patent in the field of “full disk encryption”. Volynkin has won many awards for his research and publications.


    Michael McCord is a software vulnerability analyst with the Forensic Operations and Investigations team at Carnegie Mellon University. His research includes Android security, malware analysis, botnet technology, and network anonymity.

    “Want to find out Tor's IP address?” Not a problem.
    Trying to calculate the location of the Hidden Service? Done.
    We know, because we already did this in real conditions ... "


    Also popular now: