Just a big warning to the people that use TOR + clearnet sites like Blockchain.info.
Some hackers found a way to highjack SSL sessions to very popular sites like Blockchain.info.
There are even reports now that only a loggin to the online wallet could initiate a transfer to the hacking address.
This is not a malware or a local hack, it rely on the TOR exit nodes when using these popular sites.
The list is not exhaustive and the flaw seems to be about SSL sessions.
I have personnaly lost a few Bitcoins with that in the last days.
Here what happened to me :
I transfered some Bitcoins to a Blockchain.info wallet, used the wallet through TOR, initiated a sharedcoin transfer and it bugged...when i relogged on the wallet it was emply and with a transaction outgoing to the address mentioned.
I have a report of another user that lost far more than me by just logging on his blockchain.info wallet through TOR.
And to finish with here is a thread about a Chinese user that experienced the same problem for 633 BTC.
https://bitcointalk.org/index.php?topic=821829.0[1]
The Bitcoin address that harvest the transactions from the hacked accounts is mentioned on the thread, the same that received my transfer...
I'm in contact with the Support of Blockchain.info for my problem since the start and it seems i was in the first one affected so we had a hard time to figure out the problem, it seems there is nothing they can do anyway as it is specifically related to the use of TOR.
Please relay the warning if you can for the users of TOR + online wallets like blockchain.info, it is a serious problem and it is still too fresh to be sure of the details...
Once again i insist on the fact that it is not a local hack involving a problem with the user computer but with TOR exit Nodes so please be very carefull!!!
http://www.theregister.co.uk/2014/10/14/nasty_ssl_30_vulnerability_to_drop_tomorrow/