Dread, the largest English-language forum on the dark web, has suffered a sustained massive DDOS attack
The dark web forum Dread has been intermittently inaccessible recently, allegedly suffering from a sustained denial-of-service attack. "ODN" has reported that Dread is the largest English-language forum on the Dark Web, modeled after the Reddit structure, and is known for its continued focus on international dark web trading markets, all of which have created subsections on Dread.
The usual DDOS attacks rely on getting thousands of computers to send large amounts of UDP traffic to the victim, but Tor only transmits properly formatted TCP streams, not all IP packets, so regular DDOS attacks on the Tor network don't work. However, there is an easy way out, and since there is no CDN in the Tor network, if a DDOS attack needs to be launched, it is only necessary to gather thousands of bots to access a certain target at the same time.
The DDOS attack on Dread has been going on for weeks, and it is not known who the attacker actually is, but Dread administrators believe the attack is for ransom. the Dread management team has been taking steps to defend, such as adding high-performance protection nodes, but the Tor network is vulnerable, so protection is tougher.
The Tor project team said in June, "We are experiencing network-wide DDoS attempts affecting the performance of the Tor network, which includes both onion service and non-onion service traffic. We are currently investigating potential mitigation measures. " and updated the description in July: "DDoS is not over, but has changed its nature, and we are currently looking at ways to mitigate the new overload. "
Dread administrator Paris published an announcement post on Sunday explaining the recent DDOS attack, titled "Another Day, Another Tor Attack." in an attempt to explain to users what made this particular DDOS attack so effective.
Paris said, "I think we need to burn more money, Dread is once again receiving massive DDOS attacks that are killing our front-end protection nodes."
Paris wrote, "These attacks are combined with other attacks on the Tor network, and if you look at the Tor Project's performance metrics, you'll see that the time to complete the average request continues to rise. Timeouts and failures are becoming more common, and sometimes more than 10 percent of connections cannot be established, proving that the Tor network is generally inaccessible."
According to Paris, "The network performance statistics kept by the Tor Project show a general slowdown in access across the Tor network due to the ongoing DDOS attacks that began in mid-September. the Tor network began to deteriorate rapidly, so expect occasional downtime and inaccessibility on the Dread forums. If you experience timeout issues when accessing the Dread site, please re-open a new connection, which may take a few minutes, but if you were able to successfully establish a connection, it should be solid within 10 minutes until you need to establish another new connection. "
According to Paris, Tor's daemon nodes have gone offline en masse in recent days, making it easier for attackers to make sites like Dread inaccessible.
The Dread forum can be connected directly through the I2P network and is not affected by the attack, nor does it require a captcha or other anti-DDOS method," Paris said. If you really want to get on Dread just use i2p. Premium members can use the dedicated Tor mirror URL address (visit the /d/lounge sub-section to see the link), which is stable and full speed."
Hundreds of dark web market users, online privacy enthusiasts, and general researchers visit Dread every day, and since 2018 it has been the largest communication forum on the dark web for discussions about dark web markets, cybersecurity, cryptocurrencies, and political and social issues.
Following the DDOS attack, several Dread users discussed the incident.
"Why attack Dread, and more importantly, who would do it," said "EvilNet". "I don't think it's law enforcement, because they would sneak in and certainly not conduct a DoS/DDoS attack."
"MrMiggles" said, "In my experience, using i2p has always been faster and more stable than Tor. And it's supposed to be more secure."
"Expectant" said, "Poor Tor network. It doesn't look good."
"ODN" will continue to monitor the DDOS attacks on Tor network and Dread forum.
For more news about the dark web, please follow "ODN".
From：On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.