Guest User

just some text

a guest
Sep 24th, 2020
20
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Attacker gains custody of an addons.mozilla.org TLS certificate (wildcard preferred)
  2. Attacker begins deployment of malicious exit nodes
  3. Attacker intercepts the NoScript extension update traffic for addons.mozilla.org
  4. Attacker returns a malicious update metadata file for NoScript to the requesting Tor Browser
  5. The malicious extension payload is downloaded and then silently installed without user interaction
  6. At this point remote code execution is gained
  7. The attacker may use an additional stage to further implant additional software on the machine or to cover any signs of exploitation
  8. https://lists.immunityinc.com/pipermail/dailydave/2016-September/001284.html
  9. https://blog.torproject.org/detecting-certificate-authority-compromises-and-web-browser-collusion
  10. https://medium.com/@movrcx/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95#.fjup01gkm
RAW Paste Data