- MW-Blog » Blog Archive » On TOR
- MW-Blog » Blog Archive » TOR exit-node doing MITM attacks
- Testing TOR Nodes for Man-in-the-Middle Attacks
- Anonymity and Secrecy: Why Sin Chung Kai Should Apologise
First published: 30th November 2007
Following last month's news of Dan Egerstad's collection of POP3 and IMAP passwords using a sniffer on a Tor exit node, MW-Blog has found evidence that malicious Tor exit nodes are being used for Man-in-the-Middle attacks on SSL sessions.
The researcher accessed a known SSL server via a variety of Tor exit nodes and looked the SSL certificates received "via" different nodes. One node, in Germany, provided a fake certificate. It was reported to the German authorities, and the node is no longer available. However, this highlights the potential for abuse of the Tor technology.