Tor2Web Access Detection
Medium Nessus Network Monitor Plugin ID 7177
SynopsisThe remote host is accessing a Tor hidden service through Tor2Web.
DescriptionTor2web is a software project that allows Tor hidden services to be accessed from a standard browser without being connected to the Tor network. In the past, various malware campaigns and botnets have utilized Tor2Web to exfiltrate data or communicate externally. Recent traffic from this host indicates it has accessed a Tor URL through a known Tor2Web proxy.