Tor is a unique web browser because it lets users surf the web while keeping their real IP address hidden. It has lately become quite popular among users who are privacy conscious and prefer to use the web anonymously. However, if you are accessing Tor via Mac or Linux machine, then you need to be concerned because a serious vulnerability has been discovered that can compromise your anonymity.
We Are Segment security firm’s CEO Filippo Cavallarin has managed to identify a critical vulnerability in Tor Browser, dubbed as TorMoil. The flaw is so critical that it leaks the original IP address of Tor users.
According to reports, a Firefox bug that handles file:// URLs is responsible for compromising the security of Mac and Linux users while surprisingly it doesn’t affect Windows users. What happens is that when a user clicks on a specially developed file:// link, he/she is redirected to a webpage for creating a direct link between the computer and remote host after bypassing the security of Tor browser.
The Tor Project, the team behind Tor browser, was notified about the issue on October 26th by Cavallarin after which they collaborated with Mozilla engineers to create a temporary fix, and the leak was fixed partially. Later an update was released on October 31st that the team claims will fix all the “holes,” but it is not yet clear whether the flaw has already been exploited on the internet or dark web. As per the post from Tor Project, the fix is a “workaround” to stop the leak.
“The fix we deployed is just a workaround stopping the leak. As a result of that navigating file:// URLs in the browser might not work as expected anymore. In particular entering file:// URLs in the URL bar and clicking on resulting links is broken. Opening those in a new tab or new window does not work either. A workaround for those issues is dragging the link into the URL bar or on a tab instead. We track this follow-up regression in bug 24136” read the post from Tor Project.
Users on Linux and Mac machines are advised to update Tor browser software (if they are using Tor) with version 7.0.9 immediately to prevent leaking of their real IP address. Tor officials have warned that the fix will not work on alpha versions of Tor browser, but a patch will be made available for these versions on Monday. In the meantime, users of alpha versions should switch to stable versions of the browser, which have been updated.
It is although speculated that the flaw hadn’t been exploited so far but the lack of evidence doesn’t necessarily mean that stalker, private investigators and law enforcement officials haven’t exploited it. Now that a fix has been released, threat actors would direct all their efforts towards the creation of working exploits. That’s why it is necessary to update your Tor browser as soon as possible to safeguard your privacy and security.