[tor-talk] ShellCode-Exploit deleivery over TOR
John Doe
c0rr3sp0nd3nce at tuta.io
Sat Nov 12 21:40:17 UTC 2016
Hello
Recently, Istumble relatively often over a message by my Antivirus that a file was removedfrom the TB “doomed” cache, where binary files like images are cached.
These filesseem to contain an exploit like “Win32/ShellCode.A”.
Firstly Iassumed a bad exit node that tampers with the content. But the alerts came in frequently and on several exit nodes.
Now Isuspect something like malicious add banners. Maybe in combination with adetection function for TOR exit node IPs.
Has someonealso encountered such things, or does anyone have information about this issue?
Thanks a lot.
John
More information about the tor-talk
mailing list