Torinj : Automated Exploitation Malware Targeting Tor Users
Gerard Wagener, Alexandre Dulaunoy, Radu State

TL;DR
This paper introduces Torinj, malware that exploits the Tor network's exit nodes to infect web browsers, highlighting the network's vulnerability and its potential for large-scale malicious propagation.
Contribution
It presents a novel malware propagation method leveraging Tor exit nodes, demonstrating a new attack vector that is easy and cost-effective for attackers.
Findings
The Tor network has a large number of potential victims.
Exploiting Tor exit nodes can facilitate widespread malware distribution.
The proposed malware can automate infection of web browsers through the Tor network.
Abstract
We propose in this paper a new propagation vector for malicious software by abusing the Tor network. Tor is particularly relevant, since operating a Tor exit node is easy and involves low costs compared to attacking institutional or ISP networks. After presenting the Tor network from an attacker perspective, we describe an automated exploitation malware which is operated on a Tor exit node and targets web browsers for infection. Our experiments show that the currently deployed Tor network provides a large number of potential victims.
Taxonomy
Topics: Internet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Advanced Malware Detection Techniques
