Digital Rights Management schemes are technologies that are used to restrict piracy and unauthorized usage of copyrighted content. Although sometimes beneficial, DRM-protected files are now posing a risk to users of Tor.
In the past, DRM-protected files have been used to draw users to unknown URL’s to validate software licenses and inject malware. With attackers signing these files with Microsoft SDKs similar to Microsoft Expression Encoder, Windows Media Player can instantly open the IP-compromising URLs via another browser without approval.
While it is not yet an extreme risk, it is vital to exercise caution when opening Windows Media Player Files as they can easily reveal the true IP addresses of Tor users. To properly sign these DRM-protected files, cyber criminals would need to front about $10,000. Therefore, unless the attacker has deep wallets, it is impossible to succeed with such attacks.
Cyber Security specialists with Hacker House have created the proof-of-concept video below showing an attack against a vulnerable TorBrowser user.