VPN Articles and News

Hackers Behind Xbox and PlayStation Attacks Target Tor

By
Monday, January 26th, 2015


While people were busy with their Christmas celebrations, the hacker group which goes by the name “Lizard Squad” was engaged in disrupting some of the major networks on the web. After taking down Microsoft Xbox Live and Sony PlayStation’s online service, the group shifted its attention towards the anonymity service Tor (The Onion Router). Before attacking Tor, the group made its intention clear by tweeting that it is going to test a new Zero Day vulnerability (security flaw that is not yet known to the vendor or service provider) upon the anonymity service. The events of last few weeks (starting with the attack on Sony’s infrastructure in late November) have ensured that December’ 2014 would go down in the history as the period when a large number of cyber-attacks took place.

Tor is one of the most widely used anonymity services on the web and it is especially popular among privacy activists, whistleblowers, dissidents as well as criminals and hackers. The attack on Tor came only a few days after the team behind the project warned about the possibility of such an attack. The service has been breached in the past (a black market operating within the network was shut down by FBI in 2013) and recent media reports have also suggested that the network does not provide bulletproof level of anonymity on the web. Nevertheless, people continue to trust Tor and use it as their preferred anonymity service.

In order to bring down the Tor service, the Lizard Squad tried to overwhelm the network with thousands of new relays (going by the acronym “LizardNSA”). Relays (also called nodes) in Tor are nothing but a series of routers which perform the job of routing the traffic on the network. At one point in time, the group’s nodes accounted for as many as 6,000 of the total 10,000 relays that were available on the network. If an attacker or a group of attackers manages to control enough number of relays, they can capture the private data of users whose traffic is being relayed through the compromised nodes. The method of attacking Tor by setting up relays isn’t exactly new since an attacker tried the same tactic and also managed to steal some user data just few months back.

While the Lizard Squad tried its best to compromise the integrity of Tor, its efforts did not have the intended effect thanks to a built-in security mechanism that is present within the network. New relays included within Tor have to go through a series of checks before they are integrated seamlessly into the network. As per the explanation provided the Tor team last year, capacity of new nodes is restricted to 20 KB/s for the first few days to prevent such relays from abusing or overwhelming the network. Once the attack was identified, the Tor team also sprang into action and began the process of removing Lizard Squad’s nodes from the network. Had they not done so, the data of a large majority of Tor users would have been compromised within the next few days.


January 26, 2015
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


7 + 5 =