Remember everyone, Accessing Clearnet through TOR is considered a security Risk.

Accessing Clearnet through TOR is a big security risk.

Recently there has been a complaint about DNSTATS.net providing phishing links, It's more than likely that the phishing links are a result of Man-In-The-Middle type of attack going on with malicious Tor exit nodes targetting DNSTATS visitors.

The OP over here /r/DarkNetMarkets/comments/3yoyzw/dnstatsnet_has_phishing_links/cyfgs4n admitted to "typing dnstats.net into tor".

To put it simply, whenever you visit dnstats.net through TOR, there is a chance that you will retrieve the content through a malicious exit node that has replaced the DNM links with phishing ones.

The best alternative to this is to use your normal internet connection/trusted vpn to retrieve the market url.

Save it to a text file if you like, bookmark it, but the best thing to do right now is not trust any clearnet content through tor.

Localbitcoins has a great explanation here about this: https://localbitcoins.com/faq#using-lbtc-11-collapse

If you are not a tech-savvy user we recommend avoid using a Tor browser when purchasing Bitcoins. When using a Tor browser you are at risk for man-in-the-middle-attacks by malicious Tor exit nodes. A malicious Tor exit node intercepts the traffic between your computer and LocalBitcoins and then steals your Bitcoins.

If you want to maintain safety and privacy we recommend purchasing Bitcoins in LocalBitcoins using a normal web browser. After the purchase send Bitcoins to a desktop application wallet from where you can make further payments.

See Bitcoin wallet alternatives for your device.

Read more about maintaining your security.

LocalBitcoins has witnessed high attack rates against Tor users. Tor exit nodes intercept HTTPS traffic by doing HTTPS man-in-the-middle attacks with self-signed certificates.

Read research by Tor authors about the malicious Tor exit nodes.

Two-factor authentication does not protect against traffic interception attacks as the attacker can modify Bitcoin send requests to go to a wrong receiving Bitcoin address.


Comments


[15 Points] None:

You're gonna scare the kiddies, most are already in therapy because of recurring nightmares of the mailman being the lead in a CD that's never coming despite the fact that they tumbled their coins 12 billion times in a tumbler in the heart of Marianas Web using 673 1/3 proxies. But I digress, always wear protection so you don't catch a nasty virus :-)


[6 Points] None:

[deleted]


[4 Points] whos_tech_savy:

This is silly scare mongering. HTTP is vulnerable to MITM no matter how you access. And a unverified HTTPS cert is very suspicious.

Visiting clearnet sites is always a security risk if you don't use HTTPS, thats why HTTPS was invented...

I mean if ALL sites you provide confidential data too (logins, CC, bank details) should be HTTPS secured, tor or otherwise.

If firefox or chrome freak out and tell you directly this is probably not who you think it is (self signed cert warning). You're a moron if you continue.

At least HTTPS has a CA to warn you, no body signs onion addresses.


[2 Points] None:

Is this the reason why there were always warnings when a clearnet link was posted on the old SR forums?


[2 Points] god_send:

Why is this such a big concern?

Can someone with some serious knowledge come in here and ELI5? I get why its bad but I don't understand!


[1 Points] SirFoxx:

Does DNSCrypt protect from this?


[1 Points] None: