• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 20th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Surveillance
Privacy

Flaw in Tor Browser Leads to Leaking of Your Real IP Address

November 4th, 2017 Waqas Security, Privacy 0 comments
Flaw in Tor Browser Leads to Leaking of Your Real IP Address
Share on FacebookShare on Twitter

Tor is a unique web browser because it lets users surf the web while keeping their real IP address hidden. It has lately become quite popular among users who are privacy conscious and prefer to use the web anonymously. However, if you are accessing Tor via Mac or Linux machine, then you need to be concerned because a serious vulnerability has been discovered that can compromise your anonymity.

We Are Segment security firm’s CEO Filippo Cavallarin has managed to identify a critical vulnerability in Tor Browser, dubbed as TorMoil. The flaw is so critical that it leaks the original IP address of Tor users.

More: How to Install TOR on Android and iOS Devices

According to reports, a Firefox bug that handles file:// URLs is responsible for compromising the security of Mac and Linux users while surprisingly it doesn’t affect Windows users. What happens is that when a user clicks on a specially developed file:// link, he/she is redirected to a webpage for creating a direct link between the computer and remote host after bypassing the security of Tor browser.

The Tor Project, the team behind Tor browser, was notified about the issue on October 26th by Cavallarin after which they collaborated with Mozilla engineers to create a temporary fix, and the leak was fixed partially. Later an update was released on October 31st that the team claims will fix all the “holes,” but it is not yet clear whether the flaw has already been exploited on the internet or dark web. As per the post from Tor Project, the fix is a “workaround” to stop the leak.

“The fix we deployed is just a workaround stopping the leak. As a result of that navigating file:// URLs in the browser might not work as expected anymore. In particular entering file:// URLs in the URL bar and clicking on resulting links is broken. Opening those in a new tab or new window does not work either. A workaround for those issues is dragging the link into the URL bar or on a tab instead. We track this follow-up regression in bug 24136” read the post from Tor Project.

Users on Linux and Mac machines are advised to update Tor browser software (if they are using Tor) with version 7.0.9 immediately to prevent leaking of their real IP address. Tor officials have warned that the fix will not work on alpha versions of Tor browser, but a patch will be made available for these versions on Monday. In the meantime, users of alpha versions should switch to stable versions of the browser, which have been updated.

It is although speculated that the flaw hadn’t been exploited so far but the lack of evidence doesn’t necessarily mean that stalker, private investigators and law enforcement officials haven’t exploited it. Now that a fix has been released, threat actors would direct all their efforts towards the creation of working exploits. That’s why it is necessary to update your Tor browser as soon as possible to safeguard your privacy and security.

  • Tags
  • Anonymity
  • dark web
  • internet
  • Privacy
  • security
  • Spying
  • Surveillance
  • Technology
  • Tor
Facebook Twitter LinkedIn Pinterest
Previous article No Prison for Student who Developed Spam Botnet to Pay College Fee
Next article Google Search Results Exploited to Distribute Zeus Panda Banking Trojan
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
WhatsApp Pink is malware spreading through group chats

WhatsApp Pink is malware spreading through group chats

2021 and Emerging Cybersecurity Threats

2021 and Emerging Cybersecurity Threats

Unpatched MS Exchange servers hit by cryptojacking malware

Unpatched MS Exchange servers hit by cryptojacking malware

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hackers claims to be selling 13tb of Domino’s India data
Hacking News

Hackers claims to be selling 13tb of Domino’s India data

WhatsApp Pink is malware spreading through group chats
Security

WhatsApp Pink is malware spreading through group chats

A hacker claims to be selling sensitive data from OTP generating firm
Hacking News

A hacker claims to be selling sensitive data from OTP generating firm

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us