Chaos and DDOS

Submitted by Cyrus on Tue, 05/07/2019 - 01:24

There has been a lot of DDOS on the darkweb; in fact, to many it has seemed like a war between different markets and such. Yet now that Dread has been a target for the last few weeks, it seems clear the attacker is trying to cause chaos on DNMs. It is not merely an outage intended to drive people to alternative markets, as one would usually think. In fact, after the WSM bust (and I've not read the court documents), I believe the DDOS was part of a correlation attack intended to locate the servers for various markets. It has been very frustrating to all of us.

I am sure law enforcement is behind the attacks and DDOS. Over at KLOS, my associate Kaizushi reports Tor crashing, and it might be because of exploits against Tor not working properly on her security-hardened system. I've instructed her to use strace on an instance of Tor to honeypot the attackers and hopefully discover/steal their exploit. Hopefully we'll be able to uncover her attackers' shellcode.

In fact it might be instances of Tor being exploited that are the horsepower behind the DDOS and LE might indeed have turned the Tor network into their own personal botnet. It is speculation, but I even have a bet with a friend that there is a new Tor exploit in the hands of the Feds that will be revealed. I am certain LE will start bragging about the chaos they've been able to cause. 

One thing is certain: be sure to use a hardened system for any hidden services you might run. You might want to take advantage of new features in GCC 8.3.x, which currently has a release candidate out. This is easy on Gentoo systems, but it might make them unstable. Uptime isn't everything; I have heard of many who, because of all the uncertainty and speculation, are deciding to simply unplug for a while until the fog clears.

I think we will win this battle if we are vigilant.