A Russian Botnet Is Attacking The Secret Internet For Criminals — And No One Knows Why : Tor, the anonymous, encrypted, parallel web network favored by drug dealers, pedophiles, and privacy activists, is under attack from a Russian botnet and no one knows why.
A huge uptick in traffic was noticed on Tor in the last few days, from 600,000 to 1.2 million users per week. Many people thought that a combination of a new censorship law in Russia, the NSA’s PRISM spying program (and Edward Snowden’s leaks about it), and attacks by the hackers of the Syrian Electronic Army had driven new users to seek the safety of a network where speech is still unregulated and relatively free.
But the traffic is fake, according to the Fox IT blog:
Typically, it is fairly clear what the purpose of malware is, such as banking, clickfraud, ransomware or fake anti-virus malware. In this case however it is a bit more difficult. It is possible that the purpose of this malware network is to load additional malware onto the system and that the infected systems are for sale. We have however no compelling evidence that this is true, so this assumption is merely based on a combination of small hints. It does however originate from a Russian spoken region, and is likely motivated by direct or indirect financial related crime.