“The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days through the seizure of specialized servers in the network called directory authorities,” Tor officials wrote on the project’s blog post on Friday. “We are taking steps now to ensure the safety of our users, and our system is already built to be redundant so that users maintain anonymity even if the network is attacked.“
“I have now lost control of all servers under the ISP and my account has been suspended,” White wrote on Sunday in an update on the Tor mailing list. “Having reviewed the last available information of the sensors, the chassis of the servers was opened and an unknown USB device was plugged in only 30-60 seconds before the connection was broken. From experience I know this trend of activity is similar to the protocol of sophisticated law enforcement who carry out a search and seizure of running servers.“
“If they come back online without a PGP signed message from myself to further explain the situation, exercise extreme caution and treat even any items delivered over TLS to be potentially hostile,” White wrote. “If any of the mirrors or IPs do come back online, I would welcome anyone who is capable of doing so checking for any malicious code to ensure they are not used to deploy any kind of state malware or attacks against users should my theory prove to be the case.”
Tor has gained notoriety for its association with drugs mafias and hackers. The law enforcement, especially FBI, always shows of much interest in the Tor network.
Last month, the FBI also conducted an operation to takedown Silk Road 2.0 server on the network, meanwhile, the law enforcement officials in Europe also seized hundreds of sites operating on the Tor network. However, so far it’s not clear who took the servers down or if law enforcement was involved.
In June this year it was revealed from Snowden secret documents that NSA’s top-secret X-Keyscoresurveillance program targeted at least two German Tor Directory Authority servers, one based in Berlin and the other in Nuremberg.
In an update report, we were informed that seized servers have been returned online and but still unclear whether Law enforcement agency was involved in the attack or any warrants were served as part of the takedown.
Tor itself is not compromised and but such possible and quite successful attempts to take down or hijack the Tor network is a matter of worry.