In a non-public report, the Department of Treasury revealed that an increasing number of hackers are using the Tor network to maintain their anonymity. Surprise surprise! After all,Tor is one of the biggest online anonymity services. So the government is suggesting (again) that blocking Tor would keep hackers away, though. And while that might be true, it’s also shady. The report came from the Financial Crimes Enforcement Network (FinCEN), a Treasury Department bureau responsible for analyzing financial crimes and whatnot.
The majority of bank account hijackings over the past decade used the Tor privacy service to hide thieves’ locations, according to a US Treasury Department report obtained by KrebsOnSecurity reporter Brian Krebs. The non-public report said the heists could have been prevented had financial institutions noticed that the accounts were being accessed over Tor IP addresses, according to an article Krebs published Friday. The report, which was produced by the Financial Crimes Enforcement Network, was based on a review of so-called suspicious activity reports (SARs) filed by banks. Krebs wrote: “Analysis of these documents found that few filers were aware of the connection to Tor, that the bulk of these filings were related to cybercrime, and that Tor related filings were rapidly rising,” the report concluded. “Our BSA [Bank Secrecy Act] analysis of 6,048 IP addresses associated with the Tor darknet [link added] found that in the majority of the SAR filings, the underlying suspicious activity—most frequently account takeovers—might have been prevented if the filing institution had been aware that their network was being accessed via Tor IP addresses.”