20 September 24, 06:02
Quote:Tor is an important service on the Internet when it comes to anonymity. It is free and can be used by anyone to hide information such as a device's public IP address.Continue Reading
Tor is used by people from all over the world to overcome censorship. While it is used for good, it is abused as well. Cybercriminals are using Tor for the very same purpose: to stay anonymous and evade law enforcement.
Also of interest: Tor launched WebTunnel Bridge recently as a new way to overcome censorship
Anonymity cracks
Law enforcement agencies in Germany have monitored Tor servers for months to identify individual users. The agencies managed to identify a server of the ransomware group Vanir Locker that the group operated from within the Tor network.
The group announced that it would release copied data from one of its latest coups on the server. Law enforcement agents managed to identify the location of the server by using a technique that is called Timing Analysis.
Timing Analysis is used to link connections to nodes in the Tor network to local Internet connections. The method depends on the monitoring of as many Tor nodes as possible, as this increases the chance of identification.
This confirms that law enforcement is monitoring Tor nodes. It seems likely that German law enforcement agencies are not the only ones using the technique for identification.
A state office of criminal investigations took over the Tor address of the ransomware group and redirected it to a new page. This prevented the release of the stolen data on the page.
Reporters from ARD, a publicly financed broadcasters, were able to view documents that confirmed four successful identifications in a single investigation, according to reports. Agencies used the technique to identify members of a child abuse platform.
...