Massive IP Spoofing attack targeting Tor Relay Operatorsdelroth.net/posts/spoofed-mass-scan-abuse/
1417 sats \ 4 comments \ @eltordev 7 Nov security
Interesting IP spoofing attack targeted towards Tor relay operators. This attack is not specific to Tor, but somebody (deep state?) wants hosting providers to ban Tor relays. Incentivizing more decentralized relay self hosting can help.
The attacker is spoofing the IPs of Tor Exit and Directory nodes, and blasting TCP SYN packets on 22/TCP- spurring a large amount of abuse complaints to hosting providers, which are then temp blocking/banning Tor infrastructure which isn't actually doing anything wrong.
write
preview
related posts
157 sats \ 0 replies \ @kristapsk 7 Nov
Dupe - #754284
reply
262 sats \ 0 replies \ @ek 7 Nov
This gave me flashbacks of parsing all these custom abuse report formats at my previous job. Will read the article now.
reply
200 sats \ 0 replies \ @zarko 7 Nov
something big is about to happen and they want to cut anonymous communications
reply
0 sats \ 0 replies \ @at_projectX 7 Nov freebie
I think something very scary is about to happen! It's huge that they managed to do this!