Tor Finally fixed a bug that annoyed of DDoS

Launching DDoS attacks against dark web sites could soon be a little more difficult to pull off now Tor Project is preparing to fix a bug that has been abused by attackers for years.

A bug that annoyed for so many years . The bug itself is a denial of service (DoS) issue that an attacker can exploit to initiate thousands of connections to a targeted dark web site. 

The remote Onion service needs to negotiate a complex circuit through the Tor network to secure the connection between a user and the site’s server. As this process is very CPU resource intensive, initiating thousands of these connections can quickly overload a site’s server to the point where it can’t accept any new connections.

This is known and Tor Developers not released any patches or fix to overcome this obstacle

“The attacks exploit the inherent asymmetric nature of the onion service rendezvous protocol, and that makes it a hard problem to defend against. During the rendezvous protocol, an evil client can send a small message to the service while the service has to do lots of expensive work to react to it. This asymmetry opens the protocol to DoS attacks, and the anonymous nature of our network makes it extremely challenging to filter the good clients from the bad.”

To make matters worse, a tool named Stinger-Tor was uploaded to GitHub more than four years ago which allows anyone to carry out a DoS attack on a Dark Web site just by running a Python script. There are other tools like this one out there that exploit the bug in Tor and cyber crime groups have been selling them on underground forums.

Members of the Dread community have been encouraging users to donate to the Tor Project. These donations seem to have done the trick as developing a fix for this vulnerability is now being prioritized. The proposed fix won’t completely deal with the issue but it will make DoS attacks less effective against Dark Web sites.

The fix is scheduled to arrive with the upcoming Tor protocol 0.4.2 release and it should make things a bit easier for sites running on the Tor network.