TOR Spoofing Attacks: epilogue

by adminCyberSec NewsPosted on No Comments

https://blog.torproject.org/defending-tor-mitigating-IP-spoofing/   At the end of October, Tor directory authorities, relay operators, and even the Tor Project sysadmin team received multiple abuse complaints from their providers about port scanning. These complaints were traced back to a coordinated IP spoofing attack, where an attacker spoofed non-exit relays and other Tor-related IPs to trigger abuse reports aimed at disrupting the Tor …

Read more “TOR Spoofing Attacks: epilogue”

Is this attacker’s IP spoofed?

by adminCyberSec Case Study, CyberSec News, Malicious SoftwarePosted on No Comments

We’re actively sending abuse alert emails to network owners, alerting them to potential compromises on their servers. Recently, several TOR operators (middle, guard, and exit nodes) have reached out, reporting that their IPs were spoofed. While these claims have validity, we’d like to highlight that a significant amount of the TCP port 22 traffic we …

Read more “Is this attacker’s IP spoofed?”