Vulnerability found in Tor Browser Bundle, beams info back to the NSA

Researchers find exploit in Tor Browser Bundle that lets the NSA see your machine's hostname and MAC address.

@CharlesJGantt

Published Aug 5, 2013 8:03 PM CDT
Updated Nov 3, 2020 12:21 PM CST

51 seconds read time

In the ongoing saga of NSA spying, it appears that not even the darknet is safe. Today, reports came in that an exploit has been discovered in the Tor version of Firefox 17 that comes packaged with the Tor browser bundle. An exploit in the browser's code allowed malware to be injected into the system which then beamed the machine's hostname and MAC address back to a remote server in Reston, Virginia.

Vulnerability found in Tor Browser Bundle, beams info back to the NSA | TweakTown.com

The exploit was based on a vulnerability that arises when websites on the darknet attempted to run JavaScript. After a little digging, sources found that the remote server located just outside of Washington DC then sent those hostnames and MAC addresses to NSA servers located all over the country. The exploits as well as the NSA spying were discovered by Baneki Privacy Labs, a collective of Internet security researchers, and VPN provider Cryptocloud.

The vulnerability is only present in the Windows version of the Firefox Extended Support Release 17 browser that was bundled with the Tor Browser Bundle before June of this year. Because automatic updating is turned off in this version, anyone who downloaded the Tor Browser Bundle before June is susceptible to the spying. Tor recommends that users download the new version of the Browser Bundle to stay secure.