Internet anonymiser Tor is the latest online service to come under attack from hackers, with security researchers fearing that users may have unwittingly downloaded malware onto their computers.
The Guardian reports that a team of online investigators discovered that Tor has been used to inject potentially malicious code into downloads over the service.
Tor is built to protect web users and their privacy by bouncing their connection between “relay” nodes before it exits back on to the open internet through an “exit” node, of which slightly more than 1,000 exist dotted around the world.
However, it is feared that some computers may have been compromised when at least one exit node, based in Russia, was furtively altering programs downloaded through Tor.
Microsoft Windows-ready programs, when downloaded through the tampered node, were infected with malware, which could potentially allow the unscrupulous individuals behind the malicious coding access to affected systems.
It’s believed that automatic updates through Windows were also affected. While Microsoft’s protection tools are capable of spotting a tampered download, the unspecific error code can see users unintentionally downloading malware onto their computers as they go about trying to fix the issue.
The Tor Project has identified the malware-spamming Russian node as malicious, which means that properly updated users won’t encounter it again. Roger Dingledine, project lead, suggests users do need to be more security aware, however: “It seems like a tough arms race to play… the better approach is to have applications not blindly trust unauthenticated bits they get from the internet.”
Tor users can limit their exposure to such attacks by ensuring they use encrypted connections before downloading programs over the network.