The TOR Project is advising users to upgrade to a new version of the software following a hack that compromised three of its servers.
TOR, short for “The Onion Router,” is a worldwide network of servers that are used to help anonymize people’s Web surfing. Web traffic is randomly routed through many servers, masking critical information such as someone’s true IP (Internet Protocol) address.
TOR is often used by people who want to enhance their privacy while surfing the Internet, as IP addresses are an important piece of information to collect when monitoring Internet traffic.
Web sites will record the IP address of the last exit point out of the TOR network, which could make it appear users have an IP address from a Brazilian ISP when they are actually in Germany.
The attack did not appear to be specifically aimed at disrupting TOR or compromising people’s privacy, wrote Roger Dingledine, the project’s director. Two of the seven directory authorities, which hold a list of nodes in the TOR network, were hacked along with another server that recorded statistics about TOR.
“It appears the attackers didn’t realize what they broke into,” Dingledine wrote. “It seems we were attacked for the CPU capacity and bandwidth of the servers, and the servers just happened to also carry out functions for TOR.”
The project’s operators have refreshed identity keys for the two directory authorities, which means people also need to upgrade their TOR clients to versions Tor 0.2.1.22 or 0.2.2.7-alpha.
“We’ve taken steps to fix the weaknesses identified and to harden our systems further,” Dingledine wrote.