Security implications of Lizard Squad Attack on Tor

Rotten onion Right after the Lizard Squad finished with a DDOS attack on the PSN and XBOX networks, they launched an attack against the Tor anonymity system. The attack was simple, set up enough Tor relays to be able to identify a significant fraction of Tor users and connect them with their activity. They got caught because they were bozos (perhaps intentionally). They did the attack hard and fast, which made it easy to identify the rogue relays, and they bragged about it (which told people to look for the attack).

The folks at Tor say that the attack was ineffective, but not for very comforting reasons. A smart attacker would a) shut up, and b) set up the nodes slowly over time.

It is another example of how important it is to know and trust your privacy providers, for example the post on hostile proxies just earlier today.


Read more on Tor vulnerabilities:

Hackers allegedly behind Xbox and PlayStation network shutdown set sights on Tor | The Verge

Two new attacks on Tor

Attack on Tor may have exposed hidden services and more

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.