Russian Government issued a Tender to crack Tor

The Russian government has launched a public competition, reserved to Russian entities, offering $111,000 to break Tor encryption.

As anticipated in my previous post, law enforcement agencies and intelligence all over the world are investing to de-anonymize users in the deepweb, and in particular on Tor networks. Hacking Tor is a goal for many Intelligence agencies as demonstrated also by the collection of documents leaked by Edward Snowden, that explicitly refers to a project named ‘Tor Stinks’ which has the scope to track Tor users.

Russia’s Interior Ministry (MVD) has posted a tender to recruit companies and organization which are interested to “study the possibility of obtaining technical information about users (user equipment) TOR anonymous network”. The Russian Government is offering almost 4 million rubles, approximately $111,000, for the development of technology to decrypt data sent over the Tor and identify Tor users.

The tender, titled “Perform research, code ‘TOR’ (Navy),” was posted on July 11th on the official procurement website.


The competition is open only to Russian companies “in order to ensure the country’s defense and security.” The tender reports that companies that intend to take part in the competition have  to pay a 195,000 ruble (about $5,555) application fee. The Russian Government wants to break the encryption used to anonymize the users’ web experience in Tor Network, Russian Government is aware that foreign Intelligence agencies are working to similar projects and ordinarily use the popular network.

The Tor network is widely used by digital activists and individuals in critical areas of the planet to avoid censorship operated by governments like Iran and China, today the project is managed by a nonprofit group, that is also financed by the US Government, and counts 2,5M users worldwide as reported in the graph below.


The Tor is perceived by the Russian Government as a serious threat, its use, like the adoption of any other anonymizing tool, is “discouraged” by the Kremlin.

Although, the Russian Government isn’t unique one that is trying to de-anonymize Tor, the FBI for example exploited a zero-day flaw in the Firefox browser to identify Tor users for its investigation on child-pornography, the code used is considered the first sample captured in the wild of the FBI’s “computer and internet protocol address verifier,” aka CIPAV, the law enforcement spyware first reported by WIRED in 2007.

Recently German broadcaster ARD reported that NSA experts were monitoring two Tor directory servers in Germany to de-anonymize IP addressed of Tor users using them.

Lets’ close this post with another curious case, early this year researchers Philipp Winter and Stefan Lindskog of Karlstad University in Sweden, identified 25 nodes of Tor network that tampered with web traffic, decrypted it and censored websites.

The experts discovered that a not specified Russian entity was eavesdropping exit nodes at the edge of the Tor network, the attackers appeared to be particularly interested in users’ Facebook traffic. On the overall nodes compromised, 19 were tampered using a man-in-the-middle attacks on users, decrypting and re-encrypting traffic on the fly.


Who is spying on Tor network exit nodes from Russia?

It is another attempt of the Russian Government to compromise the Tor anonymity?

Pierluigi Paganini

(Editor-In-Chief, CDM)



July 30, 2014

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...