If you use TOR for your crypto-currency transactions, you will be interested in

Since the U.S. Naval Research Laboratory launched the TOR project (The Onion Router) in 2002, it has been used by millions of people around the world. This browser that allows anonymity to access what is known as Deep Web and Dark Web has become very fashionable among the owners of crypto currencies to make their transactions for privacy.

A crypto coin specialist under the pseudonym Nusenu has published an analysis of a critical vulnerability of the TOR network related to crypto coin. Malicious actors carry out what is known in cyber security as a MITM (Man In The Middle) attack.

The TOR Network

When you browse the Bitcoin Evolution network, what you do is connect from one server to another. Each one encrypts the information over and over again as if they were Russian dolls, hence the name onion, what the malicious actor does is get in the way so that the information you send goes through him.

In this way when you make a transaction in cryptomonies he makes the modifications he deems appropriate. To date, many bitcoins have been stolen with this technique, so be careful.

Use the redirection from http to https to redirect the traffic so you can get in the middle and see all the communications without encryption.

Are Ledger physical wallets still secure?

How can I prevent my cryptosystems from being stolen?
You have to get used to write the addresses as https:// and stop writing http:// and also not write the address directly as webname.onion this way we will access to safe websites with certificate.

If there is no https:// address, a message usually appears in any browser indicating the problem and warning us that we may be in the hands of cyber-criminals who can intercept our communications.

My advice is to pay close attention to the browsers that the website we are visiting is https:// which normally appears with the famous green closed padlock. We must adopt good security practices until they become a habit.

You can see the complete analysis of Nusenu, in a post he published in Medium.

Posted in Blockchain