Tor, the Internet privacy protecting service, said on Wednesday, 30 July 2014, it discovered a compromise on its network that indicated somebody was trying to monitor the activity of its users.
“While we don’t know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected,” Tor said in a blog entry.
Tor is an anonymity tool designed to protect the identity of Internet users by routing traffic through multiple nodes around the globe. It is used by human rights activists, criminals and others looking to evade surveillance.
The blog post said that it was not sure how much information the attackers were able to obtain in their efforts to monitor traffic on Tor.
It advised users to upgrade to the latest version of its software, which addresses the vulnerability that the attackers had exploited in this particular case, but said that may not guarantee the anonymity of users.
“Remember that preventing traffic confirmation in general remains an open research problem,” the blog said.
Tor revealed details of the attack after researchers at Carnegie Mellon University said they had developed a method of identifying hundreds of thousands of Tor users.
Those researchers had planned to detail their technique at next week’s Black Hat hacking conference in Las Vegas. The university canceled the talk after Tor developers complained to Carnegie Mellon.
Leaked National Security Agency documents show that the NSA has logged the IP addresses of many Tor users and may have scanned emails for users living outside of the United States and its four closest intelligence allies, German media reported earlier this month.