Credit to Anatole Shaw for discovering.


On Sun, Jul 27, 2014 at 10:12 PM, Jeremy <jlrubin@mit.edu> wrote:
Hey,

There is a potential network exploit going on. In the last three days, a node (unnamed) came online and is now processing the most traffic out of any tor node -- and it is mostly plaintext Bitcoin traffic.

http://torstatus.blutmagie.de/router_detail.php?FP=0d6d2caafbb32ba85ee5162395f610ae42930124

Alex Stamos (cc'ed) and I have been discussing on twitter what this could mean, wanted to raise it to the attention of this group for discussion.

What we know so far:

- Only port 8333 is open
- The node has been up for 3 days, and is doing a lot of bandwidth, mostly plaintext Bitcoin traffic
- This is probably pretty expensive to run? Alex suggests that the most expensive server at the company hosting is 299€/mo with 50TB of traffic


--
Jeremy Rubin



--
Jeremy Rubin