In a recent report, it has been revealed that German law enforcement managed to deanonymize a Tor user in 2021. The Tor Project, a nonprofit organization that provides a privacy network for users, has reassured its users that they can still remain anonymous despite this incident.

According to the reports from German broadcaster Panorama and YouTube channel STRG_F, the Federal Criminal Police Office of Germany was able to identify the alleged administrator of a child sexual abuse material dark website known as Boystown. This dark website was busted by authorities in May 2021, and it was primarily accessible through the Tor Browser, which is famous for providing anonymity to users on the clear web and serving as an entry point into the darknet.

Tor, also known as The Onion Router, has been widely regarded as a tool for privacy and human rights, aiding activists in authoritarian countries. However, the darknet also harbors illegal activities such as online marketplaces, CSAM material, and cybercrime operations, including ransomware groups.

Despite this incident, Tor has emphasized that its network remains secure, and users can continue to use the browser without compromised security. The organization stated that the Tor Network is healthy and that users can communicate securely using the browser.

It is believed that the German police were able to deanonymize the Tor user by exploiting a vulnerability in the Ricochet application, a peer-to-peer instant messaging system designed for use on the Tor network. This attack may have involved a guard discovery attack, where an attacker-controlled relay point established a circuit to the guard node, the first relay in a Tor circuit, thereby exposing the user’s actual IP address.

In response to this incident, Tor released fixes for the vulnerability in 2018, suggesting that the deanonymized user did not utilize the defenses provided by Tor, such as Vanguards. The German authorities have not provided additional information on the operation, and it is speculated that they may have invoked the Federal Criminal Police Office Act to employ surveillance measures to track criminals.

Tor has urged anyone with information on the operation to come forward to assist in threat analysis and has recommended that users patch their applications immediately. Despite the challenges posed by this incident, Tor remains committed to providing a secure and anonymous browsing experience for its users.

Link na izvor