The 100 embassy passwords that were compromised in the middle of 2007 through compromised Tor exit nodes has always stuck with me. Simply sniffing passwords is a great way to gain a ton of intel about the traffic that’s going over the networks. But what about other bad things?
Two “attacks,” if you can call them attacks, sprung to mind when I heard about that. The first was changing banner ads. You can change one banner ad to be another banner ad, and get the additional revenue associated with that. Doing may or may not prove to be lucrative because people using proxies generally aren’t clicking on a lot of ads - or if they are, they aren’t the brightest bulbs.
However, cookie stuffing is actually a slightly more feasible attack. By putting reseller cookies in the browser for every request made to a partner’s website, it’s entirely possible that some of the people who use the proxy will forget to clean their cookies upon closing down the proxy. Hackers hacking hackers. Of course, again if someone is using a proxy to anonymize themselves and they don’t clear cookies too, they probably need to get hit with a clue stick.