A recent, detailed report by a user who monitors the network of Tor, the well-known browser that makes navigation safe and anonymous, explains that more than 23% of the Tor network is in the hands of criminals.
These are exit relays, i.e. the points on the network through which users connect to the final destination. Whoever runs an exit relay can modify the traffic leaving it, which puts the end user at risk because all the data can be recovered, just like in a classic “man in the middle” attack.
Tor network, why isn’t the browser safe
When analyzing the data we can see that as many as 380 relays are in the hands of criminals and this represents 23.95% of the entire network. On the user side, this means a 1 in 4 chance of running into these relays.
The graph in the report shows an increase in the criminals' activity and how the Tor team promptly took action against them. However, this did not help: just one month later the criminals continued to add relays, using the strategy of dividing them into smaller families.
It is interesting to note that each relay has its own contact email, and it is plausible that they all belong to one entity. There is also an FBI-related relay, which makes this even more suspicious.
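The effect of splitting relays into smaller families can be shown with a short calculation. This is an added example, not code from the report or from the Tor Project: the relay records and the FLAGGED set are constructed, and the field names (fingerprint, effective_family, exit_probability) are assumed to follow Onionoo "details" documents.

```python
from collections import defaultdict

# Constructed sample, not real relays. Six flagged exits are declared as three
# two-relay families; FLAGGED is a hypothetical reviewer verdict.
RELAYS = [
    {"fingerprint": "A1", "effective_family": ["A2"], "exit_probability": 0.04},
    {"fingerprint": "A2", "effective_family": ["A1"], "exit_probability": 0.04},
    {"fingerprint": "B1", "effective_family": ["B2"], "exit_probability": 0.04},
    {"fingerprint": "B2", "effective_family": ["B1"], "exit_probability": 0.04},
    {"fingerprint": "C1", "effective_family": ["C2"], "exit_probability": 0.04},
    {"fingerprint": "C2", "effective_family": ["C1"], "exit_probability": 0.04},
    {"fingerprint": "H1", "effective_family": [], "exit_probability": 0.40},
    {"fingerprint": "H2", "effective_family": ["H3"], "exit_probability": 0.20},
    {"fingerprint": "H3", "effective_family": ["H2"], "exit_probability": 0.16},
]
FLAGGED = {"A1", "A2", "B1", "B2", "C1", "C2"}

def declared_families(relays):
    """Group relays into connected components of declared family links."""
    parent = {r["fingerprint"]: r["fingerprint"] for r in relays}
    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x
    for r in relays:
        for other in r["effective_family"]:
            if other in parent:  # skip links to relays outside this snapshot
                parent[find(other)] = find(r["fingerprint"])
    groups = defaultdict(set)
    for fp in parent:
        groups[find(fp)].add(fp)
    return list(groups.values())

def exit_share(relays, fingerprints):
    """Fraction of total exit probability held by the given relays."""
    total = sum(r["exit_probability"] for r in relays)
    held = sum(r["exit_probability"] for r in relays
               if r["fingerprint"] in fingerprints)
    return held / total if total else 0.0

def largest_flagged_family_share(relays, flagged):
    """Biggest share any single declared family inside the flagged set holds."""
    return max((exit_share(relays, g) for g in declared_families(relays)
                if g <= flagged), default=0.0)

if __name__ == "__main__":
    print(f"largest family: {largest_flagged_family_share(RELAYS, FLAGGED):.0%}")
    print(f"flagged set combined: {exit_share(RELAYS, FLAGGED):.0%}")
```

Looked at family by family, no flagged group holds more than 8% of exit capacity in this sample, while the same relays taken together hold 24%, roughly the 1 in 4 chance described above.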
As noted in the report, the websites that are being targeted are those related to cryptocurrencies.
Note that criminals are able to copy a website in every detail and induce victims to log in with their credentials, so they may obtain passwords and possibly even all of the victim's funds.
Unfortunately, this type of attack is still active, and there are still no measures to prevent it or to separate relays based on their genuineness, since anyone can set up one or more relays and manage them as they wish.
At this point, it is clear that the Tor network doesn’t seem to be very safe and the risk of running into such a relay is very high.