Saturday, December 27, 2014

Potential Hack alert ( December 26 , 2014 ) - Tor hacked while the world focuses on " The Interview " Shenanigans ! The seriousness of the alleged breach remains an open question , but take this as a fwiw caution !



The stability of the overall Tor network depends in the Directory Authorities (DA), at least 5-6 Directory Authorities (DA) must be operational to keep the network updated and operating. Taking down 5 or more Directory Authorities servers the Tor network will become unstable, and the integrity of any updates to the consensus cannot be guaranteed.

An attack against the Directory Authorities (DA) could be conducted by law enforcement or Intelligence agencies to sabotage the Tor network, but anyway it is not effective to de-anonymize Tor users.

Thomas White (@CthulhuSec) is an operator of a large cluster of servers in the Netherlands, he warned of a suspicious activity overnight on the servers. According the operator, he has lost the control of the servers that are hosted in a data center in Rotterdam.


 Retweeted 9 times

Who hacked a cluster of Tor servers in the Netherlands? | Security Affairs by

A cluster of Tor servers suffered an unexplained outage just after the warning of the Tor project. Only certainty is someone physically accessed servers.

Recently the experts at the Tor project issued a warning of a possible cyber attack against the Tor network through the seizure of the Directory authorities that can “incapacitate” the overall architecture.


RT : Tor Project statement on today's attack. Read: | no systems were hacked, nodes were created

Tor Project statement on today's attack.

This looks like a regular attempt at a Sybil attack: the attackers have signed up
many new relays in hopes of becoming a large fraction of the network.
But even though they are running thousands of new relays, their relays
currently make up less than 1% of the Tor network by capacity. We are
working now to remove these relays from the network before they become
a threat, and we don't expect any anonymity or performance effects based
on what we've seen so far.

'Just for lulz': Hackers leak 13,000 passwords from sites incl Amazon, PlayStation & Xbox

'Just for lulz': Hackers leak 13,000 passwords from sites incl Amazon, PlayStation & Xbox

Embedded image permalink