Fransk polis har slagit till mot en nätaktivist och beslagtagit en server som hanterade två noder i Tors nätverk. Noderna, uppkopplingarna, sätt samman med Wannacry-attackerna och utbrottet tidigare i år.
Noderna, vilka kan sägas vara anslutningspunkter, till Tor, var så kallade “trusted” vilka ska vara pålitliga anslutningar. Aeris anmälde att noderna och servern komprometterats den 15 maj i år.
The activist said police seized his server because a big French company was infected with WannaCry two days earlier, on May 12. The company logged all outgoing traffic during the attacks and provided the data to police.
WannaCry communicates with a command and control server hosted on the Dark Web, on a .onion address. Aeris suspects his servers were used as first hops in this connection, hence the reason police seized his property, hosted via French hosting provider Online SAS.
Most Tor servers are configured to log very few details, such as uptime and status metrics, so to safeguard the privacy of its users. Unless Aeris made customizations to default configs, French police have no chance of finding any useful information on the seized servers.
0 kommentarer