Rogue Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise

A security researcher intercepted thousands of private e-mail messages sent by foreign embassies and human rights groups around the world by turning portions of the Tor internet anonymity service into his own private listening post.

A little over a week ago, Swedish computer security consultant Dan Egerstad posted the user names and passwords for 100 e-mail accounts used by the victims, but didn’t say how he obtained them. He revealed Friday that he intercepted the information by hosting five Tor exit nodes placed in different locations on the internet as a research project.

Tor is a sophisticated privacy tool designed to prevent tracking of where a web user surfs on the internet and with whom a user communicates. It’s endorsed by the Electronic Frontier Foundation and other civil liberties groups as a method for whistleblowers and human-rights workers to communicate with journalists, among other uses.

It’s also used by law enforcement and other government agencies to visit websites anonymously to read content and gather intelligence without exposing their identity to a website owner.

But Egerstad says that many who use Tor mistakenly believe it is an end-to-end encryption tool. As a result, they aren’t taking the precautions they need to take to protect their web activity.

He believes others are likely exploiting this oversight as well.

“I am absolutely positive that I am not the only one to figure this out,” Egerstad says. “I’m pretty sure there are governments doing the exact same thing. There’s probably a reason why people are volunteering to set up a node.”
