The Hackers are sprightly abusing a zero-day vulnerability in Firefox simply to unmask the Tor Browser users, similar to what the FBI exploited during an inquiry of a child pornography website.
Firefox Zero-Day Flaw To Expose Tor Users
The Zero Day vulnerabilities are the most dangerous program or service that you can have. This type of vulnerabilities consist of failures that are not known to the manufacturer, but they themselves are held by attackers who can use them for spurious purposes. And it is even more serious when it is in what is supposedly the safer anonymity network “Tor”.
The Onion Router is an anonymity software which provides a safe heaven to the human rights activists, journalists, government officials. But, along with all this, it is also a place where drugs, assassins for hire, child pornography, and other illegal activities have allegedly been traded.
Like many exploits, it takes advantage of a memory corruption that can inject malicious code to be used on computers running Windows. The exploit is virtually identical to one used by the FBI in 2013 for Deanonize users who visited a page of pedophilia, which ran on pages hosted by a service called Freedom Hosting. In fact, the code is virtually the same, except few changes only in small parts, according to the user who has actually discovered.
The data of users who were infected were sent to a server whose IP is 18.104.22.168, it is a hosted remote server in a virtual machine on OVH, french hosting service through port 80. The server is no longer responding at the time of writing.
The Tor Project lead, Roger Dingledine said that “So it sounds like the immediate next step is that Mozilla finishes their patch for it then…a quick Tor Browser update and somewhere in there people will look at the bug and see whether they think it really does apply to Tor Browser”.