Last month, The Anonymous network TOR was under attack, everyone guessing about the FBI- yes, they were behind the attack, the FBI told an Irish court that it was behind the shenanigans.
FBI hack of TOR was supposed to target associates of the Freedom Hosting’s operator Eric Eoin Marques who’s currently being detained in Dublin, Ireland for his involvement in a massive child pornography operation.
On August 4, an error message was displaying on all the websites hosted by Freedom Hosting with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident.
Some of the intelligent visitors were looking out the source code of the maintenance page which was showing up on all the Freedom Hosting sites realized that it included a hidden iframe tag that loaded a mysterious clump of Javascript code from a Verizon Business internet address. By midday, the code was being circulated and dissected all over the net. Mozilla confirmed about the code exploited a critical memory management vulnerability in Firefox and publically reported on June 25, and is fixed in the latest version of the Browser.
The heart of the JavaScript is said to be “Magento” A traditional virus would use that executable to download and install a full-featured backdoor, so the hacker could come in later and steal passwords, enlist the computer in a DDoS botnet, and generally do all the other nasty things that happen to a hacked Windows box.
Tor Browser Bundle users who installed or manually updated after June 26 were safe from the exploit, according to the Tor Project’s security advisory on the hack.
VIA– Wired| Gizmodo
