CloudFlare: Virtually all traffic to customers through Tor is malicious


CloudFlare, a company that, among other things, secures websites, states that 94 percent of all Tor traffic it sees heading to its customers is malicious. The anonymous network is reportedly used, among other things, to collect email addresses for spam campaigns.

In a blog post, CloudFlare CEO Matthew Prince explains that the term “malicious” has nothing to do with the content being visited, but rather with the activity being performed. For example, in addition to collecting email addresses, the Tor network is said to be used for comment spam, vulnerability scanning, ad fraud, and content scraping.

As a result, CloudFlare assigns a high threat score to the IP addresses of Tor exit nodes, indicating the risk associated with a connection from that IP address. However, this also affects legitimate users of the Tor network. They are often confronted with CAPTCHAs, which are meant to verify that a human user is indeed making the request.

As Ars Technica reports, CloudFlare recently introduced a policy that allows customers to choose what to do with incoming Tor requests. They can allow or block them, and can also choose to present a CAPTCHA or a JavaScript challenge. It is therefore also possible that a Tor user cannot access a certain page at all. For example, Tor users are also unable to edit Wikipedia pages, and 60 to 70 percent of all Tor traffic is blocked by Akamai and Amazon Web Services, according to Ars Technica.

According to CloudFlare, it is difficult to distinguish between malicious and legitimate users of the anonymous network. Normally, the threat score is ignored if the reputation of the user’s browser is good. However, the design of the Tor browser reportedly makes identifying individual users more difficult. Identification based on a browser is possible, for example, with device fingerprinting. There are also only a limited number of Tor exit nodes, which means that a relatively small group of malicious users can lead to a high risk estimate.

The number of Tor exit nodes classified as comment spammers. Source: CloudFlare
