Leading DarkNet Market Agora Temporarily Suspends Service Over Tor Vulnerability Concerns

from the here-come-the-fuzz dept

As the government continues to play Whac-a-Mole with darknet drug bazaars, one of the Silk Road’s leading darknet market replacements says it has temporarily suspended service over Tor vulnerability concerns. In an encrypted post to the site’s buyers and dealers (copied over to PasteBin and over at the /r/darknetmarkets subReddit), Agora’s administrators say the darknet market is nervous about law enforcement’s ability to take advantage of recent Tor vulnerabilities, and as such are pulling the market offline for an undisclosed amount of time to protect the site:

“Recently research had come that shed some light on vulnerabilities in Tor Hidden Services protocol which could help to deanonymize server locations. Most of the new and previously known methods do require substantial resources to be executed, but the new research shows that the amount of resources could be much lower than expected, and in our case we do believe we have interested parties who possess such resources. We have a solution in the works which will require big changes into our software stack which we believe will mitigate such problems, but unfortunately it will take time to implement.”

While the post doesn’t specify which Tor vulnerability the market’s responding to, a paper recently published by researchers from Qatar University and MIT (pdf) argued that it was possible to use a Tor vulnerability to identify Tor hidden services with as much as 88% accuracy. Tor director Roger Dingledine responded to these findings in a blog post back in July. Dingledine downplayed the ability of the vulnerability to be exploited in the wild, while pointing out that researchers have long over-estimated the ease of such fingerprinting methods in the real world.

To succeed in the fingerprinting process, the attacker needs to control the Tor entry point for the server hosting the hidden service, and have previously collected unique network identifiers allowing for the fingerprinting for that particular service. Still, Agora itself strongly hints that it has seen some (presumably law enforcement) behavior in the wild already attempting to take advantage of the vulnerability, and that it wasn’t willing to take the risk:

“…We have recently been discovering suspicious activity around our servers which led us to believe that some of the attacks described in the research could be going on and we decided to move servers once again, however this is only a temporary solution. At this point, while we don’t have a solution ready it would be unsafe to keep our users using the service, since they would be in jeopardy. Thus, and to our great sadness we have to take the market offline for a while, until we can develop a better solution. This is the best course of action for everyone involved.”

Agora’s decision to forgo possible revenue for the sake of OPSEC (operational security) resulted in some Reddit posters praising Agora for its “iron testicles”. The outfit does appear to be slowly paying funds back to dealers and users (funds for DarkNet markets are usually held in escrow until deals are completed), but payments appear to be taking 24 to 48 hours for Agora to process. Meanwhile, admins for other darknet markets, like Middle Earth, have subsequently proclaimed that they have already covered their bases and aren’t worried about the vulnerability:

“We noticed the strange happenings early on. We KNOW that TOR devs are the best of the best. This is only theoretical paper from MIT students. TOR updates daily on a development level, they would fix any vulnerabilities from any theoretical paper. Emphasis: Theoretical Paper, Not Successful Tests. We have covered all bases.”

While the Agora shutdown combined with dropping Bitcoin value (due to the potential forking of currency development by those concerned about scalability) have Bitcoin advocates and Darknet market users sweating a bit, Agora’s shutdown would seem to be only a temporary bump in the road to future darknet opsec skirmishes. Agora already had survived last November’s Operation Onymous, which took down Silk Road 2 and 400 other websites. It’s still debated whether those seizures were thanks to a Tor vulnerability or old-fashioned detective work (law enforcement obviously isn’t keen on being illuminating).

Even if Agora doesn’t return, there’s a half-dozen or more already established Darknet markets happy to fill the void and satiate the globe’s inexhaustible supply of drug buyers and dealers, those entertained by the endless game of opsec cat and mouse, and the government’s insatiable need to fill its mole-whacking quota.

Companies: agora


Comments on “Leading DarkNet Market Agora Temporarily Suspends Service Over Tor Vulnerability Concerns”

GMacGuffin (profile) says:

I think it’s wise of Agora to shut down and move servers for a bit. After all, even a tiny chance of getting caught is worth avoiding when it means going to jail for life. Yay drug war.

Since nobody cared about this but me, I’ll note as aside that bitcoin price crash was not really because of potential forking by BitcoinXT. It was a 10k BTC short (approx. $2.3M) on Bitfinex exchange causing a flash crash and margin calls on the way down.

That was Wed. 8.19 and BitcoinXT build had launched the previous Sunday. But the mainstream press didn’t get to the XT issue until days later and was all kinds of wrong about it (Bitcoin At Risk of Dividing into Two Currencies!). So there was an unrelated crash, and the wrong press contributed to panic selling by those who didn’t get it.

Simple fact is XT won’t kick in unless there’s 75% using it, and only after Jan 2016. If so, there will be two blockchains until the miners/nodes on the wrong blockchain move to XT. If the miners don’t, they will stop making money. So that’ll take maybe hours or days. Then the XT will be called “Bitcoin” and will be scalable (bigger blocks), which current Bitcoin Core is not.

The devs who launched XT are being castigated for taking things into their own hands, but since consensus could not be reached, this was a way to force it. Ugly, but effective. They contend the reason the Bitcoin Core devs who object to increased block size do so because they are involved with Blockstream, which is developing Lightning Network sidechain tech designed to take load off the small 1MB blocks. If the block size increases, all the Lightning Network VC/Angel money and work will be obsolete before it launches. So the Bitcoin Core devs are basically accused of wanting to have a “low volume settlement network” whereas the idea is for a global currency, which means more than 7 transactions per second, which is about the max right now.


tl;dr The point being here, another (alleged) example of monied parties trying to hold back technological advances for their own purposes. (In case we needed more examples.)

nasch (profile) says:

Re: Re:

But the mainstream press didn’t get to the XT issue until days later and was all kinds of wrong about it (Bitcoin At Risk of Dividing into Two Currencies!).

I’m shocked. Shocked, I say!

Then the XT will be called “Bitcoin” and will be scalable (bigger blocks), which current Bitcoin Core is not.

If I’m understanding this right, this doesn’t do anything about the total supply of Bitcoins. That seems to me to be a serious limiting factor in its potential growth.

GMacGuffin (profile) says:

If I’m understanding this right, this doesn’t do anything about the total supply of Bitcoins. That seems to me to be a serious limiting factor in its potential growth.

Bitcoin is a deflationary currency by design. The 21M total is hard-coded into the protocol. It is meant to emulate finite precious metals, which is why it is “mined.” This is a good thing because nobody can just “print more money” and inflate it, causing the value to drop. It’s also not a problem because it’s divisible to 8 decimal points; and they already have names for fractionals (0.00000001 = 1 Satoshi).

So even if 1 BTC is worth $1M, it’s not really a problem. (The hardcore anarchist fanboys think Bitcoin will supplant the banks and other currencies, but that’s neither realistic nor desired. If it did, there might be deflation issues, but it won’t. As long as there are governments, there will be government-backed currencies.)

GMacGuffin (profile) says:

Re: Re: Re:

… yes, there is the investment vs. currency problem. This ties into the biggest threshold issue — the “adoption” problem. I think the idea is that if adoption is more widespread, more stability will follow, and then it’s just like any other currency whose value is always changing relative to different currencies. (e.g., USD is ‘strong’ right now.)
