Categories: NewsSecurity

Tor Users at Risk of Being Deanonymized by Ultrasound Cross-Device Tracking

People all over the world rely on Tor to maintain a certain level of privacy while browsing the Internet. A new type of attack could make Tor users vulnerable to deanonymization, though. By using ultrasound, it is theoretically possible to track users on the Internet, regardless of them using Tor or any other anonymity tool.

Using Ultrasounds To Deanonymize Tor Is A Threat

Demoed earlier at BlackHat Europe and the Chaos Computer Congress in late 2016, this new ultrasound “exploit” could make life very difficult for Tor users. To be more precise, a technique called ultrasound cross-device tracking is the culprit which makes this all possible. The advertising world has been using this technology for quite some time now, as they aim to track users on the Internet at all times.

As the name suggests, these ultrasound tones are inaudible to the human ear, although most dogs will pick them up without any issues. Despite the user not hearing it, it can be used in multiple ways to determine user behavior. Most of the devices we use these days, including smartphones, can pick up these ultrasounds using dedicated applications.



Once a mobile app hears this ultrasound tone, it can then ping the advertising network with details about the user. In most cases, this will include an IP address, GPS coordinates, a phone number, and even the IMEI code found on one’s SIM card. Although this has only been used for marketing purposes – as far as we know – it is not an unlikely governments and law enforcement agencies will use similar tactics over time.

Related Post

The demo presented at BlackHat Europe 2016 paints a troublesome future for Tor users in this regard. All it takes is a dedicated campaign with this ultrasound service provider and an ultrasonic signal file. Additionally, as it needs to be created on the Tor network that plays this “beacon” in the background every time someone accesses the platform.

If the Tor user has one of these ultrasound-enabled apps on their smartphone, it would then start broadcasting sensitive information to the server. If that were to happen, Tor is no longer anonymous, which renders the entire project moot. Moreover, this attack would not be unique to Tor users alone, as it can unmask anyone using a proxy, VPN, or other anonymity services.

Law enforcement could use the beacon-embedded website tactic to denaonymize Tor users, but that is not their only plausible course of action. Embedded ultrasound in online videos is another option, although it is unclear if YouTube and Vimeo have ways to detect this file. Then again, the same technology is being used by advertisers, so they would need to create a way to distinguish between legitimate and malicious ultrasound files.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

4 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

4 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

5 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

5 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

9 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

10 hours ago