Pierluigi Paganini November 21, 2023

The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users. 

The Tor Project announced the removal of multiple network relays that were involved in a cryptocurrency scheme.

A Tor network relay is a server that operates within the Tor network and routes data through a series of relays with the end goal of anonymizing the original source of the traffic.

Tor relays are operated by a network of volunteers worldwide who believe in supporting online privacy and freedom of information. Anyone with the necessary technical knowledge and resources can set up and operate a Tor relay. These volunteers contribute to the Tor network by providing bandwidth and helping to route traffic in a way that enhances anonymity for users.

Recently, Tor Project maintainers identified some operators involved in for-profit financial scheme that were observed promising monetary gains with cryptocurrency tokens.

The decision to remove the relays animated a debate in the community around relay policies, their violation, and incentivization models that can better support relay operators.

The Tor Project pointed out that this scheme is operated by third parties without endorsement or approval.

“We consider these relays to be harmful to the Tor network for a number of reasons, including that certain of the relays do not meet our requirements, and that such financial schemes present a significant threat to the network’s integrity and the reputation of our project as they can attract individuals with malicious intent, put users at risk, or disrupt the volunteer-driven spirit that sustains the Tor Community.” reads the announcement published by the Tor Project. “As part of our assessment and due diligence into the matter, we engaged with relay operators and were often presented with scenarios in which relay operators associated with this scheme were putting themselves at risk by lacking the awareness of what project they were actually contributing to or operating relays in unsafe or high-risk regions. It has become clear to us that this scheme is not beneficial to the Tor network or the Tor Project. Which is why we proposed the rejection of those relays to our directory authorities who voted in favor of removing them.”

The announcement has not named the entity that was operating the relays, however, multiple sources reported that the servers were operated as part of the ATOR project. ATOR empowers decentralized internet relay operators through on-chain rewards, and facilitates wider provision of open and anonymous protocols through hardware.  

“The value of ATOR plummeted on Monday after the Tor Project made its announcement, dropping to below $1 after reaching an all-time high of $2 just days before the relays were removed. Over 1,000 nodes have been reportedly shut down.” reported SecurityWeek. “Following the Tor Project’s decision, ATOR maintainers said they plan to develop their own decentralized peer-to-peer routing network.” 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Tor)