Torinj : Automated Exploitation Malware Targeting Tor Users
This work addresses a security threat for Tor users by revealing a low-cost attack vector, though it is incremental in building on existing exploitation techniques.
The authors introduced a new malware propagation method by exploiting the Tor network to target web browsers, demonstrating that the current Tor network offers a large pool of potential victims.
We propose in this paper a new propagation vector for malicious software by abusing the Tor network. Tor is particularly relevant, since operating a Tor exit node is easy and involves low costs compared to attack institutional or ISP networks. After presenting the Tor network from an attacker perspective, we describe an automated exploitation malware which is operated on a Tor exit node targeting to infect web browsers. Our experiments show that the current deployed Tor network, provides a large amount of potential victims.