Tor Network Compromised by Single Hacker Stealing Users' Bitcoin: Report

A single malicious entity controls nearly a quarter of all nodes used on the anonymous internet provider Tor Network and is using its position to steal bitcoin and other cryptocurrencies.

A cybersecurity analyst, using the pseudonym "Nusenu," said in a report this week a hacker now controls approximately 23% of the Tor Network's exit relay capacity.

The Tor Network provides anonymous internet access with voluntarily run relays that route traffic in order to obfuscate users' traceable and identifiable IP addresses.

The exit relay is the final stage that connects users to their requested websites.

Per the report, the hacker is using her/his position as a major exit relay host to stage sophisticated person-in-the-middle attacks, stripping websites of encryption and giving her/him full unrestricted access to traffic passing through her/his servers.

The malicious agent primarily focused on bitcoin mixer services, replacing wallet addresses so the mixer returns "Clean" funds to the hacker rather than the original user.

A lack of enforcement on the Tor Network means the hacker has more than doubled her/his share of exit relays from under 10% last December, nusenu said.

It's unclear how much cryptocurrency has been stolen and whether the malicious agent is engaged in other attacks.

At least one bitcoin mixer service has added an additional security layer preventing hackers from removing their website's encryption.

The identity of the hacker remains a mystery and it isn't clear if there's any added motivation is for the attack besides stealing cryptocurrencies.