TorMoil: This Tor Browser Flaw Can Leak Your Real IP Address — Update It Right Now

A critical Tor browser flaw was recently found by Filippo Cavallarin, CEO of We Are Segment security firm. Dubbed TorMoil, this flaw can lead to the leakage of users’ real IP address.

For the time being, the segment hasn’t disclosed the complete details of the exploit as all the users aren’t updated yet. Once a proper fix is available to all users, the details will be shared.

However, we do have some information about TorMoil. Due to a Firefox bug in handling file:// links, it’s possible that Mac and Linux users can compromise their security. It’s worth noting that this flaw doesn’t affect Windows and Mac users.

After clicking on a specially crafted file:// URL, the user could be redirected to a webpage for directly connecting the machine to the remote host, bypassing Tor browser.

With the help of Mozilla engineers, Tor team has created a fix, which has patched the leak partially. “We developed an additional fix on Tuesday, October 31, plugging all known holes. We are not aware of this vulnerability being exploited in the wild,” the team added.

In case you’re a Tor browser user on Linux or Mac, you are advised to update your software as soon as possible to prevent the IP address leak. To fix this issue, Tor Browser 7.0.9 has been released for Linux and Mac.

Did you find this story on Tor browser flaw helpful? Don’t forget to share your views with us.

Also Read: Best Alternatives to Tor Browser to Browse Anonymously