Tor Project to Fix Bug Used For DDoS Attacks on Onion Sites For Years

An anonymous reader writes: The Tor Project is preparing a fix for a bug that has been abused for the past years to launch distributed denial of service (DDoS) attacks against dark web (.onion) websites. Barring any unforeseen problems, the fix is scheduled for the upcoming Tor protocol 0.4.2 release.

The bug has been known to Tor developers for years, and has been used to launch Slow Loris-like attacks on the web servers that run the Tor service supporting an .onion site. It works by opening many connections to the server and maxing out the CPU. Since Tor connections are CPU intensive because of the cryptography involved to support the privacy and anonymity of the network, even a a few hundreds connections are enough to bring down dark web portals.

A tool to exploit the bug and to automate DDoS attacks has been around for four years, and has been used by hackers to extort dark web marketplaces all spring. At least two markets selling illegal products have shut down after refusing to pay attackers. To get the bug fixed, members of a dark web forum banded together and donated to the Tor Project to sponsor the bug's patch.