Blockchain.info has increased privacy and security measures for all its users by becoming the second website in the world to receive a .onion address. Users now have the ability to access their Blockchain online wallets directly through the Tor network. This eliminates the need to leave the network to access online wallets and prevents transaction interception, theft and malware downloads.

Bitcoin

Bitcoin is an electronic cryptocurrency used to purchase virtual and actual goods and services. It is not contractually backed by assets or legal currency laws, is not controlled by a central authority and is not a tangible good. Bitcoins can be sent to anyone with an Internet connection.

Blockchain

Blockchain.info states that Blockchain is a public ledger of all transactions that take place in the bitcoin network. The website displays a running list of all bitcoin activity and began as a way to show users’ activities and transactions. Additionally, Blockchain now offers a Web-based bitcoin wallet service.

Tor

The Onion Router, also known as Tor, is a free software service that lets users surf the Internet anonymously and without censorship. It was created to protect U.S. intelligence communication channels over the Internet. After some time, the code was released to let private citizens and nongovernmental organizations communicate outside of countries that may have surveillance or censorship rules.

The term “Onion Router” refers to layers of encryption similar to the multiple rings of an onion. Tor works by encrypting all original IP information as well as the destination IP address. According to TechRepublic, Tor uses a minimum of three servers to pass traffic on, each of which is encapsulated by its own layer of encryption. Each server only identifies the IP that sent it the packet, limiting packet and traffic visibility from node to node. Only the final server knows the destination of the user’s online traffic, maintaining the anonymity of the user.
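The layering described above, as an added example (not code from Tor or from the original article): a client wraps a request in three layers, and each relay peels one and learns only its neighbours. The keystream cipher is a toy stand-in for Tor's real circuit cryptography, and the relay names, keys and `wallet.example` destination are constructed.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); a stand-in, not Tor's cipher.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered layer")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def wrap(path, destination, payload):
    """Client side: path is [(relay_name, key), ...] from entry to exit."""
    hops = [name for name, _ in path[1:]] + [destination]
    blob = payload
    # Innermost layer is for the exit relay, outermost for the entry relay.
    for (_, key), next_hop in reversed(list(zip(path, hops))):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob = seal(key, layer)
    return blob

def relay(key, blob):
    """One relay: peel its own layer and learn only the next hop."""
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def trace(path, destination, payload, sender="client"):
    """Return what each relay can see as (relay, previous hop, next hop)."""
    blob, prev, seen = wrap(path, destination, payload), sender, []
    for name, key in path:
        nxt, blob = relay(key, blob)
        seen.append((name, prev, nxt))
        prev = name
    return seen, blob  # blob is what the exit relay forwards to the destination

# Constructed three-relay path and request.
PATH = [("entry", os.urandom(32)), ("middle", os.urandom(32)), ("exit", os.urandom(32))]
VIEWS, AT_EXIT = trace(PATH, "wallet.example:80", b"GET /wallet HTTP/1.1")
```

`AT_EXIT` is the original request in the clear: the onion layers end at the exit relay, so a plain-HTTP request is readable and modifiable there unless it carries its own end-to-end encryption.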

Blockchain.info and Tor

Only two companies in the world have received an SSL certificate for a Tor address: Facebook in late October 2014 and Blockchain.info in early December 2014. Many bitcoin enthusiasts see this as a major accomplishment for privacy and security specific to Web-based bitcoin wallets. There have been many reports of individuals with Blockchain.info wallets having their bitcoins stolen while making transactions on the Tor network. It is believed that man-in-the-middle (MITM) attacks were targeting Blockchain.info transactions running on infected Tor exit nodes. In an MITM attack, the attacker hijacks communications between two systems by intercepting a public key exchange, injecting the attacker's own public key and retransmitting the message without the original user's knowledge.

CryptoCoinsNews states that the MITM attack vector involved stripping the SSL from the website, which results in the user being on an HTTP instead of an HTTPS page. The newest version of the Tor browser will display a yellow exclamation point if the browser is no longer displaying a valid SSL certificate. Many casual Tor users who do not understand the known security flaws associated with rogue exit nodes have fallen victim to this exploit.
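A client-side check for the downgrade described above, as an added example (not from the original article or from any tool it names): it reviews the responses a client received for one site and flags signs that HTTPS was stripped. The host `wallet.example`, the response format and both sample sessions are constructed; the HSTS check is an addition, since that header tells browsers to refuse plain HTTP for the site on later visits.

```python
import re
from urllib.parse import urlsplit

# Absolute plain-HTTP targets in links, forms and embedded resources.
LINK = re.compile(r'(?:href|action|src)\s*=\s*["\'](http://[^"\']+)', re.I)

def downgrade_findings(expected_host, hops):
    """hops: responses in the order the client received them,
    each a dict with url, status, headers and body."""
    findings = []
    for i, hop in enumerate(hops):
        url = urlsplit(hop["url"])
        if url.hostname != expected_host:
            continue
        headers = {k.lower(): v for k, v in hop["headers"].items()}
        location = headers.get("location", "").lower()
        # A plain-HTTP hop is acceptable only if it immediately upgrades.
        upgrades = hop["status"] in (301, 302, 307, 308) and location.startswith("https://")
        if url.scheme == "http" and not upgrades:
            findings.append((i, "content served over plain HTTP"))
        if location.startswith("http://"):
            findings.append((i, "redirect to plain HTTP"))
        if url.scheme == "https" and "strict-transport-security" not in headers:
            findings.append((i, "HTTPS response without HSTS"))
        for target in LINK.findall(hop["body"]):
            if urlsplit(target).hostname == expected_host:
                findings.append((i, "body links to " + target))
    return findings

# Constructed session: the site upgrades the first request to HTTPS.
CLEAN = [
    {"url": "http://wallet.example/", "status": 301,
     "headers": {"Location": "https://wallet.example/"}, "body": ""},
    {"url": "https://wallet.example/", "status": 200,
     "headers": {"Strict-Transport-Security": "max-age=31536000"},
     "body": '<form action="https://wallet.example/login" method="post">'},
]
# Constructed session: the upgrade never arrives and the form posts over HTTP.
STRIPPED = [
    {"url": "http://wallet.example/", "status": 200, "headers": {},
     "body": '<form action="http://wallet.example/login" method="post">'},
]
```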

Blockchain.info's Tor site has a 10-digit address, blockchainbdgpzk.onion. Additionally, Tor Web addresses are generated in a way similar to bitcoin addresses: encryption and public keys produce a random grouping of numbers and letters. These increased security measures make it extremely hard for cybercriminals to steal bitcoins, since all transactions can be conducted from within the Tor network and no exit relays are needed to access Blockchain online wallets.

Yet another reason why bitcoin enthusiasts will rejoice is that prior to Blockchain.info getting its .onion certificate, individuals using bitcoins on the Tor network were at a higher risk of having their identities exposed. In fact, reports indicate that this was happening by way of government-sponsored cyberattacks. According to Josh Pitts of Leviathan Security, a Tor exit relay based in Russia has been compromised for an unknown length of time. This exit relay was injecting malware into the computers of users who were downloading programs through the Tor network by modifying legitimate files and applications with malicious binary code.

Analyst Comments

A positive outcome from the creation of a .onion or hidden service for Blockchain.info is that bitcoin users do not need to go through an exit relay to access their bitcoin wallets — all transactions remain within the Tor environment. This greatly reduces MITM attacks and makes it harder for bitcoin users’ identities to be exposed within the Tor environment.

A negative outcome from the creation of a .onion or hidden service for Blockchain.info goes back to all nefarious dark Web activity. The Tor network lets users travel into the dirty underbelly of the dark Web. The additional anonymity and security measures associated with Blockchain.info will make it exceptionally difficult to trace bitcoins back to the individuals making the transactions. It is currently possible in some instances to trace the IP address of a computer used to make bitcoin transactions, especially if the IP address is static. It becomes increasingly difficult and nearly impossible to trace an IP address being used on the Tor network because the traffic moves through different relays and displays many IP addresses and locations. This becomes problematic when the transactions are for illegal goods and services, such as drugs, human trafficking, child pornography and hit men for hire.

Image Source: Flickr
