A Tor Browser vulnerability has surfaced in the wild dubbed “TorMoil” which leaks the users’ real IP addresses. The vulnerability affects Tor browser for MacOS and Linux but not Windows. The vulnerability was discovered by Filippo Cavallarin who is an Italian security researcher.
According to Cavallarin, “the issue is actually a Firefox bug in the way the browser handles file:// URLs. While the issue is harmless in Firefox, it's catastrophic in the Tor Browser. Once an affected [Tor Browser] user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser."
The vulnerability has been reported directly to Tor Project developers and a patch has been released for Mac and Linux users. It is believed that the vulnerability has not been exploited as of now however according to the Tor Project developers, “an attacker can reverse engineer the Tor Browser binary and detect the patched code. A well-versed programmer can then very easily understand how the bug occurs and create an exploit for it.”
The Tor Project had made an announcement in an attempt to protect their users. They announced the release of 0.3.2.1-aplha which includes “next generation” support along with encryption and authentication into the website.