Launching DDoS attacks against dark web sites could soon be a bit more challenging to pull off today that the Tor Project is preparing to fix a bug that’s been abused by attackers for ages.
According to ZDNet, the bug itself is a denial of service (DoS) problem an attacker can exploit to initiate thousands of links to a targeted dark web site.
For every one of those connections, the remote Onion service should negotiate a complicated circuit via the Tor network to guarantee the connection between an individual and the website’s server. While this process is very CPU intensive, initiating a large number of those connections can easily overload a website’s host to the point where it can not accept any new connections.
While Tor developers have known about this bug for decades, they have not released a fix for it yet as doing this would be quite difficult since the bug exploits the identical procedure used to establish user relations to other websites on the Tor network.
Dark web DDoS attacks
In a blog article , the Tor Project provided additional insight on the DoS attacks that some Onion providers have experiencing over the past few years, stating:
“The attacks exploit the inherent asymmetric nature of the onion support rendezvous protocol, making it a tough problem to shield against. During the rendezvous protocol, a wicked client can send a little message to the service while the service must do a lot of expensive work to respond to it. This asymmetry opens the protocol to DoS attacks, and the anonymous nature of our system makes it extremely hard to filter the good customers from the poor.”
To make things worse, a tool called Stinger-Tor was uploaded to GitHub over four years ago, which enables anyone to conduct a DoS attack on a Dark Web site by simply running a Python script. Other tools such as this one out there that exploit the bug in Tor and cyber-crime groups are selling them on underground forums.
To help put an end the DDoS attacks on onion sites, Dread community members have been encouraging users to contribute to the Tor Project. These donations appear to have done the trick as creating a fix for this vulnerability is currently being prioritized. The proposed fix will not completely handle the issue, but it is going to create DoS attacks less effective against Dark Web websites.
The fix is scheduled to arrive with the forthcoming Tor protocol 0.4.2 release, and it should make things somewhat easier for websites running on the Tor network.