MIT & QCRI researchers have announced that Tor traffic has been deanonymized using malicious nodes, with 88% accuracy.
The deanonymization method uses machine-learning algorithms and a measure of good luck to guess which services the user is visiting.
When a user navigates to a website, Tor encrypts the request and sends it into the Tor network, where it is picked up by the guard server, which peels off some of the encryption. This process repeats at each Tor server until the exit node, where the user’s browser request is sent to the host of the website.
This is where the malicious servers step in. If they get selected as guards, the malicious nodes can intercept some of that traffic.
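The layer-peeling described above, as an added example that is not part of the original article: a toy three-relay circuit showing that the guard knows who the sender is but cannot read the request, while the exit reads the request without knowing the sender. The SHAKE-256 XOR cipher, the relay names, the client address and the request are assumptions made for illustration, not Tor's actual cryptography.

```python
import hashlib
import os

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a SHAKE-256 keystream (stand-in, not Tor's relay cipher)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def build_onion(request: bytes, hop_keys: list) -> bytes:
    """Client side: one layer per relay, exit layer first so the guard layer is outermost."""
    cell = request
    for key in reversed(hop_keys):
        cell = xor_layer(key, cell)
    return cell

def relay_views(client: str, cell: bytes, path: list, hop_keys: list) -> list:
    """Pass the cell along the path and record what each relay learns."""
    views = []
    previous = client
    for name, key in zip(path, hop_keys):
        cell = xor_layer(key, cell)  # this relay peels off its own layer
        views.append({"relay": name, "sees_sender": previous, "payload": cell})
        previous = name  # the next relay only sees this relay as the sender
    return views

# Constructed sample data: relay names, client address and request are made up.
PATH = ["guard", "middle", "exit"]
CLIENT = "198.51.100.7"
REQUEST = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"

def demo(keys=None) -> list:
    """Build one onion for REQUEST and return each relay's view of it."""
    keys = keys or [os.urandom(32) for _ in PATH]
    return relay_views(CLIENT, build_onion(REQUEST, keys), PATH, keys)

if __name__ == "__main__":
    for view in demo():
        readable = view["payload"] == REQUEST
        print(f'{view["relay"]:6} sender={view["sees_sender"]:13} request readable={readable}')
```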