endthelie.com / By Madison Ruppert / August 5, 2013
(Image credit: screenshot from Robtex)
Malware aimed at uncovering the anonymous identities of Tor users reportedly sent information to an IP address that belongs to the National Security Agency (NSA), routed through Science Applications International Corporation (SAIC).
Tor, an anonymity network originally short for The Onion Router, was developed with contributions from individuals who worked for the Navy and the NSA. This latest revelation comes as the NSA is under increasingly intense scrutiny around the world for their data harvesting activities.
It also comes on the heels of a report stating that the FBI regularly employs hackers to develop malware and an earlier report which stated that the US government is the world’s largest buyer of malware.
The NSA link was uncovered by researchers from Baneki Privacy Labs, a group of Internet security researchers, along with Cryptocloud, a VPN provider.
The IP address, hardcoded into the JavaScript exploit, was discovered by Cryptocloud but a Baneki source told Ars Technica that they reached out to other researchers in the malware and security community to identify the source.
The exploit specifically targeted FireFox Extended Support Release 17 for Windows, the same browser that was released as a part of the Tor Project’s Tor Browser Bundle.
The vulnerability exploited was patched by Mozilla in June of this year and the patched version is part of the new Browser Bundle.
READ MORE