+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A Russian Botnet Is Attacking The Secret Internet For Criminals - And No One Knows Why

Sep 5, 2013, 18:56 IST

Ars TechnicaThis chart shows how Tor use suddenly doubled in the last few days.Tor, the anonymous, encrypted, parallel web network favored by drug dealers, pedophiles, and privacy activists, is under attack from a Russian botnet and no one knows why.

Advertisement

A huge uptick in traffic was noticed on Tor in the last few days, from 600,000 to 1.2 million users per week. Many people thought that a combination of a new censorship law in Russia, the NSA's PRISM spying program (and Edward Snowden's leaks about it), and attacks by the hackers of the Syrian Electronic Army had driven new users to seek the safety of a network where speech is still unregulated and relatively free.

But the traffic is fake, according to the Fox IT blog:

Typically, it is fairly clear what the purpose of malware is, such as banking, clickfraud, ransomware or fake anti-virus malware. In this case however it is a bit more difficult. It is possible that the purpose of this malware network is to load additional malware onto the system and that the infected systems are for sale. We have however no compelling evidence that this is true, so this assumption is merely based on a combination of small hints. It does however originate from a Russian spoken region, and is likely motivated by direct or indirect financial related crime.

In fact, although Tor promises completely secure, anonymous browsing that's undetectable by law enforcement, it has actually been compromised in one way or another for a while now, according to this research paper detailed by The Irish Times.

Advertisement

The paper reveals a "framework", Mr Wacek said, where 50 per cent of regular Tor users can see their anonymity compromised "within three months" of regular use of the service, while 80 per cent of users would be likely to be identified after six months if their activity was analysed. "We observe that use of BitTorrent is particularly unsafe," the report added, "and we show that long-lived ports bear a large security cost for their performance needs."

In addition, the FBI has been using a program called CIPAV that infects Firefox browsers used by people on Tor. The program is thought to ping identifying information fromt the browser to the feds in Reston, Va.

What the Russian botnet wants, however, remains a mystery.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article