For people concerned about shielding their internet activity from the many data-gathering spots on the internet, the Tor network has long been a go-to tool. The network routes a user’s activity through a series of relays, which keeps websites from collecting information about their location or tracking what sites they visit.

But the advantage of using that network relies, to some extent, on the presumption that the nodes used to mask people’s activities aren’t themselves collecting data. But as ZDNet reports, two computers scientists have found 110 nodes in the network that are “misbehaving”—snooping on users’ behavior and sometimes using the data collected against the Tor network.

Not all of the malicious nodes had the same level of sophistication, the researchers wrote in their paper, which they will present at a major hacking conference in early August. Some of these nodes were easier to locate than others. Representatives of the Tor project told Threat Post that these nodes were a known “annoyance” and that a new design of the system will deal with the problem.

The snooping nodes don’t necessarily have a dark intent—they could be set up be other researchers, for instance. Another likely source is law enforcement trying to investigate sites on the dark web. But the danger for Tor users is that the data collected by these nodes could be used to identify and disable websites or services that are hidden. While Tor can be used to mask criminal activity, it’s also used by privacy activities, journalists and others who want to protect information.

Every day, we highlight one newly found object, curiosity or wonder. Discover something amazing? Tell us about it! Send your finds to