Recently a warning has been issued by malware researchers acquainting Mac and Linux users of the Tor anonymity browser about a critical vulnerability which might leak their respective real IP address to potent attackers at the time when they pay visit to certain types of web pages.
Being discovered by Italian security researcher namely Filippo Cavallarin, the vulnerability actually resides in Firefox which eventually also compromised Tor browser, as the privacy-aware services do enables users to browse the web anonymously. Researchers have dubbed this particular vulnerability as ‘TorMoil’. ‘TorMoil’ vulnerability commonly compromises the Tor browser for macOS and Linux and not for the Windows.
CEO of the security firm We Are Segment ‘Cavallarin’ has reported ‘TorMoil’ triggering the ‘Tor Browser’ at the time when users tap links beginning with file://rather than the more common https:// and https:// address prefixes. When the Tor browser for Mac OS as well as Linux opens up the aforementioned address, ‘the operating system directly establishes connection with the remote host’, bypassing Tor Browser. On Friday, members of the Tor Project issued a non-permanent work-around that plugs that IP leak. According to them, until the time the final fix is in place, the updated versions of the browser might not behave appropriately while navigating to file:// addresses. They claimed both the Windows versions of Tor, Tails and the sandboxed Tor browser not being vulnerable to TorMoil.
The Tor Project additionally also said that there is yet no proof that the TorMoil vulnerability has been actively exploited by hackers for obtaining the IP addresses of Tor users. Nevertheless, scarcity of evidence does not proof it at all that the bug in reality was not exploited by nation-state attackers and skilled hackers, provided the high-demand of Tor zero-day exploit in the market, where Zerodium is always make payment of $1 Million for it’s exploit.
In an attempt for forbidding it’s user’s privacy from being violated, the Tor Project has recently announced the release of Tor 0.3.2.1-alpha which do includes support for the next generation onion services, along with the integration of new cutting-edge encryption and enhancement of overall authentication into it’s web service.