Compartilhe este artigo
Bitcoin-Over-Tor Anonymity 'Can Be Busted for $2,500 a Month'
Researchers at the University of Luxembourg have found that using bitcoin over Tor leaves users open to privacy-busting attacks.
Por Joon Ian Wong
Make us preferred on Google
Using bitcoin over the anonymity network Tor leaves users at greater risk of having their identities revealed, according to academics at the University of Luxembourg.
If that seemingly paradoxical finding isn't enough to scare privacy-loving bitcoiners, the researchers also determined that an attack could be mounted on an "economy" budget of just $2,500 a month.
STORY CONTINUES BELOW
Não perca outra história.Inscreva-se na Newsletter Crypto Daybook Americas hoje. Ver Todas as Newsletters
Such an attack could expose the identity of a bitcoin and Tor user, and allow the attacker to meddle with the victim's transactions, they said.
Ivan Pustogarov, one of the two researchers working on the issue, explained:
"The problem here is with anonymity. When people are connecting through Tor, they are expecting to have a higher level of anonymity ... it does provide some level of anonymity, but it is not that hard to break this."
The attack is laid out in a paper titled, Bitcoin Over Tor Isn't A Good Idea, written by Pustogarov, a doctoral student at CryptoLUX, the University of Luxembourg's cryptology research group, and Alex Biryukov, an associate professor who leads the group.
Pustogarov said the paper is to be submitted for peer-review to be presented at a cryptography and information security conference.
'Virtual bitcoin reality'
The sort of manipulation described by the authors is known as a 'man-in-the-middle' attack (MitM) and, if successful, could reveal a user's IP address, which can be used to locate the user, and allow an attacker to 'glue', or correlate, the transactions performed by that user from different bitcoin addresses.
The paper states:
"A low-resource attacker can gain full control of information flows between all users who chose to use bitcoin over Tor. In particular the attacker can link together user's transactions regardless of pseudonyms used ... and a totally virtual bitcoin reality can be created for such ... users."
As a result, a victim would also be at the attacker's mercy regarding information about his transactions, since they would be able to delay or discard a victim's transactions or blocks.
In an extreme scenario, a bad actor could even dupe a victim into thinking they had received bitcoin when in fact they had not (a so-called 'double-spending attack'), Pustogarov said.
This sort of attack would have ramifications for privacy-seeking merchants, on dark web markets, for instance. A dark web merchant would also be at risk of being outed by rival businesses or disgruntled customers by such an attack.
Despite the MitM's ability to compromise a victim's privacy, it would not, however, be able to steal a victim's funds. Their wallet and transactions are safe, even if the attack was successfully mounted, the researcher confirmed, adding:
"The wallets are safe; bitcoins cannot be stolen. The attack is not that great."
How the attack works
Pustogarov and Biryukov dreamed up the attack by focusing on a little-known aspect of the bitcoin protocol, its built-in protection against a denial of service attack (DoS). To protect themselves, bitcoin servers award points to clients that send them problematic transactions. When a client racks up 100 points, the server bans it for 24 hours.
In an earlier paper, also focused on anonymity risks on the bitcoin network, the authors described a way to exploit this DoS protection to prevent Tor from being used to connect to the bitcoin network.
They explained that, when a Tor user connects to the bitcoin network, his or her IP address is not revealed. Instead, the bitcoin server sees the address of the connected Tor 'exit node', a type of server. As a result, an attacker could send enough bad transactions over Tor to get all the exit nodes banned by the bitcoin network.
The authors build on that approach in their current paper. They say that a smart attacker could set up a number of bitcoin servers and Tor exit nodes before exploiting the DoS protection system to ban other Tor exit nodes from the bitcoin network.
When a victim uses Tor to connect to the bitcoin network, he will be left with only the attacker's bitcoin servers to connect to, since he has been banned by all other servers. The attacker is now in control of all the information relayed to the user.
Pustogarov and Biryukov estimate that the attack can be mounted for between $2,500 and $7,200 a month. This range would be required to guarantee sufficient bandwidth and/or multiple IP addresses for the attacks.
At the lower limit, an attacker could control a significant portion of Tor exit node bandwidth, allowing him to direct a victim to a malicious bitcoin server. With this amount of bandwidth, a victim would take under three minutes, on average, before connecting to a bitcoin server controlled by an attacker, Pustogarov said.
Detection and fixes
There is some good news, however. Pustogarov noted that such an attack could be monitored fairly easily, by creating a program to check the percentage of Tor exit nodes banned by the bitcoin network at any given time, explaining:
"If somebody decides to monitor if this attack is being carried out, he will be able to detect it immediately."
The paper also outlines some ways of countering the attack, although they all require fundamental changes to the bitcoin protocol. The DoS protection system could be changed so that it only runs on half of all servers, by random selection, at any given time, for example.
The use of Tor to increase anonymity with other applications has also proved problematic in some cases. For instance, earlier research showed that using BitTorrent, the popular decentralised file-sharing protocol, over Tor resulted in IP addresses getting leaked.
"Tor is not a panacea ... and not all applications are anonymised equally well when combined with Tor," the paper states.
Pustogarov is optimistic that continued research will dispel myths around the levels of anonymity afforded by the digital currency:
"Right now, users and researchers are starting to understand more about anonymity of bitcoin. When I heard about black markets like Silk Road that were using bitcoin, I had the impression that bitcoin is anonymous."
Anonymity image via Shutterstock
Mais para você
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
O que saber:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
Mais para você
Bitcoin pulls back to as low as $81,000 as horrendous day continues
The world's largest cryptocurrency has shed nearly $10,000 over the past 24 hours, now threatening to take out its recent November low just under $81,000.
O que saber:
- Bitcoin (BTC) continued to quickly decline in the U.S. evening hours on Thursday, the price falling all the way to $81,000.
- More than $777 million in leveraged crypto long positions were liquidated in the space of one hour.
- Comments from President Trump caused a surge in Polymarket betting odds on Kevin Warsh becoming the next Fed chair, perhaps disappointing some traders who hoped the more dovish Rick Rieder would be selected.
Top Stories
