Someone Is Trying to Knock the Dark Web Drug Trade Offline (thedailybeast.com)

← Back to Stories (view on slashdot.org)

Someone Is Trying to Knock the Dark Web Drug Trade Offline (thedailybeast.com)

Posted by msmash on Friday October 13, 2017 @04:00AM from the new-wrinkle dept.

Joseph Cox, reporting for the Daily Beast: The dark web -- a pack of websites that hides their physical location with special software -- is always a precarious place, with the FBI shutting down massive criminal networks, or competing sites hacking one another. Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any drug a customer could imagine, from LSD to varieties of heroin. As of at least Friday morning, several marketplaces were inaccessible or could only be visited from backup website addresses, and at the time of publication are still facing problems. It's not totally clear who is behind the outages, but the downtime has disrupted the dark-web community somewhat. "We are facing a DDoS attack atm [at the moment] and I guess many other markets as well," a Reddit moderator for the site dubbed Wall Street, one of the affected marketplaces, told The Daily Beast.

62 comments

Min score:

Reason:

Sort:

i noticed that, too by turkeydance · 2017-10-13 04:02 · Score: 2

have to hit the street
1. Re:i noticed that, too by Anonymous Coward · 2017-10-13 04:14 · Score: 0
  
  A Turkey Dance block party in the streets yesterday caused major traffic problems for commuters returning from work. "It's almost like someone is trying to deny access to the neighborhood." said one frustrated driver. The turkeys however had a great evening.
2. Re:i noticed that, too by Anonymous Coward · 2017-10-13 04:16 · Score: 0
  
  https://www.youtube.com/watch?...
3. Re: i noticed that, too by Anonymous Coward · 2017-10-13 12:17 · Score: 0
  
  I don't think the goal is a DDoS. It sounds like a known sidechannel attack which can be used to locate the physical servers the site is hosted on.
  If I was an admin I'd be shutting down for a couple days while relocating the hosting and doing a deep scrub on the last one.
4. Re: i noticed that, too by Anonymous Coward · 2017-10-14 00:46 · Score: 0
  
  Aside from the debate about whether or not the government should tell adults what they can put into their own bodies, the tools they are developing to circumvent the TOR network will come in handy to crush political dissent after the next crisis. Welcome to 1984 on steroids! (Pun intended).
5. Re: i noticed that, too by Anonymous Coward · 2017-10-14 22:17 · Score: 0
  
  It's probably Jeff Sessions. Could you imagine that gremlin jerking off in front of his computer whilst taking down websites?
Probably ... by PPH · 2017-10-13 04:07 · Score: 4, Insightful

... big Pharma. Heroin is cutting into their oxycodone sales.

--
Have gnu, will travel.
1. Re:Probably ... by Anonymous Coward · 2017-10-13 04:20 · Score: 2, Interesting
  
  Sounds about right especially since these organizations funding anti drug programs and fighting legalization. https://www.usnews.com/news/articles/2016-09-08/fentanyl-maker-donates-big-to-campaign-opposing-pot-legalization
2. Re:Probably ... by Anonymous Coward · 2017-10-13 04:22 · Score: 0
  
  along the same lines https://www.usnews.com/news/articles/2016-09-08/fentanyl-maker-donates-big-to-campaign-opposing-pot-legalization
3. Re:Probably ... by Opportunist · 2017-10-13 04:31 · Score: 2
  
  Not to mention that certain TLAs don't like it when you cut into the way they fill their "funding for special operations".
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
4. Re:Probably ... by bobbied · 2017-10-13 04:34 · Score: 2
  
  There's no real money in legitimate Oxy sales, it went generic a LONG time ago.
  Where I'm sure they don't mind if their wholesalers do, Big Pharma dare not openly engage in illicit production and sales. Regulators would find out quickly if they did and poof, no profits...
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
5. Re:Probably ... by freeze128 · 2017-10-13 04:37 · Score: 2
  
  Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway.
  
  Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.
6. Re:Probably ... by smooth+wombat · 2017-10-13 04:43 · Score: 0
  
  I'm sure the pharmaceutical companies could care less about those using heroin. They're not their customers.
  But, since you're on the whole "Big Pharma" canard, think of how much money those companies have left on the table by curing polio and small pox. Think of the money they could be raking in by not finding a solution.
  
  --
  We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
7. Re:Probably ... by dj245 · 2017-10-13 04:44 · Score: 1
  
  There's no real money in legitimate Oxy sales, it went generic a LONG time ago.
  Where I'm sure they don't mind if their wholesalers do, Big Pharma dare not openly engage in illicit production and sales. Regulators would find out quickly if they did and poof, no profits...
  Oxycontin may be a generic now, but there's plenty of money in "Oxy" sales. It has just moved on into newer drugs that have "anti-abuse" additives (which don't work very well), more powerful versions for "intractable pain" (which gets prescribed for not-so-intractable pain), long-release versions, etc.
  
  --
  Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
8. Re:Probably ... by dj245 · 2017-10-13 04:49 · Score: 3, Informative
  
  Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway. Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.
  You would be surprised. Buying over the internet completely eliminates the risk of getting physically harmed during the transaction. The risk of being robbed is probably about the same. The risk of getting caught by law enforcement is probably less (for reasonably small quantities).
  
  Desperate people living day to day probably aren't using the dark web, but such people probably aren't using Amazon Prime either. There are plenty of affluent drug users, if Hollywood is any indication.
  
  --
  Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
9. Re:Probably ... by Anonymous Coward · 2017-10-13 05:05 · Score: 0
  
  Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway.
  Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.
  I think its more of the dealers buying it online to sell to local addicts
10. Re:Probably ... by murdocj · 2017-10-13 05:07 · Score: 0
  
  Heck, why not blame Obama for it, as long as you don't have anything other than speculation.
11. Re:Probably ... by Skuld-Chan · 2017-10-13 06:46 · Score: 1
  
  Those Hollywood liberals and their drug use:
  http://www.nytimes.com/2006/04...
12. Re: Probably ... by Anonymous Coward · 2017-10-13 07:10 · Score: 0
  
  >his country hasnt been ravaged by chinese fentanyl because of cheap cia heroin
  just you wait bub
13. Re:Probably ... by Anonymous Coward · 2017-10-13 08:17 · Score: 0
  
  We should wait until we have evidence to speculate. It could just as easily be some state actor trying to take out the site(s) or it could be site competitors trying to drive traffic to their own services.
  Uninformed speculation won't help anything.
14. Re:Probably ... by bill_mcgonigle · 2017-10-13 09:21 · Score: 1
  
  Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER
  It seems like you don't know that many heroin addicts are opioid addicts who couldn't get their prescription meds anymore (largely due to "the war on opiates"). They are accountants, lawyers, and insurance salesmen who had back surgery, etc.
  Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.
  Street drugs are sold by the least capable of the dealers at this point. Every online marketplace since eBay was invented has had vendor feedback and dead people don't leave positive feedback. You need to look at the incentive structures at play here.
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
15. Re: Probably ... by Anonymous Coward · 2017-10-13 12:26 · Score: 0
  
  If you have access to a number of Tor nodes, and drive a huge level of traffic to a single endpoint, you can determine where it is.
  It's most likely the NSA doing exactly that, and in a few weeks the sites will suddenly go dark when their hosting providers get raided. Then they'll mysteriously come back online with a fresh batch of JavaScript embedded in the pages.
16. Re: Probably ... by datavirtue · 2017-10-13 22:00 · Score: 1
  
  Same day delivery when fulfilled through Amazon
  
  --
  I object to power without constructive purpose. --Spock
Lucky me by Anonymous Coward · 2017-10-13 04:10 · Score: 0

I'm sorted for e's and whiz
1. Re:Lucky me by Anonymous Coward · 2017-10-13 12:31 · Score: 0
  
  I'm sorted for e's and whiz
  But the market for boogers, walla-wallas, and tic-tac-schpranoodles is going to be impacted,for sure.
Drug cartels are ... by CaptainDork · 2017-10-13 04:10 · Score: 1

... affected by the "Amazon Effect," as well.

U.S. stores have been closing at a faster rate in 2017 than at any time since the recession, an American phenomenon being dubbed "retail apocalypse." Though this has so-far been largely a worry for U.S. retailers, the Wall Street Journal reports that investors in Europe are worried that it is now spreading abroad.
Brick and Mortar retail wishes they could retaliate.

--
It little behooves the best of us to comment on the rest of us.
1. Re:Drug cartels are ... by NicknameUnavailable · 2017-10-13 04:24 · Score: 2
  
  The Amazon Effect impacts middlemen, not manufacturers. The owners of the drug cartels are the CIA, while the cartels only really focus on distribution as a matter of doing business, and do so at significant PR and monetary costs. They're still stuck with distribution and it's mostly the end dealers or dealers near the end of the chain who use the darknet sites. If any Amazon Effect is involved it's impacting the last 1-2 guys in the distribution chain, but more likely they're the ones using it to avoid taking in-person risks during transactions, or at least to minimize them.
2. Re:Drug cartels are ... by Opportunist · 2017-10-13 04:33 · Score: 1
  
  You think the dark web markets would get shut down if the CIA profited from them?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
3. Re:Drug cartels are ... by NicknameUnavailable · 2017-10-13 05:38 · Score: 1
  
  The point I'm trying to make is that the dark web is irrelevant. The CIA isn't the only one involved, the FBI and DEA have competing interests to shut things down. The misunderstanding here is that the dark web is relevant to the drug trade, it isn't. Anyone with even an ounce of security sense (which the CIA and therefore directly or indirectly, their puppets, have) knows that digital security is a joke between the honeypot sites on the darkweb, the monitoring of the networks they operate on to "conceal" traffic, and the backdoors built into every chip made after 2006. The CIA wouldn't risk their assets on such a system exposed to the wider internet and as a byproduct of that they wouldn't allow their puppet cartels to do so either. The only people benefiting from the darkweb drug trade are the end users with an extra convenience factor and the lowliest of dealers who nobody would really miss if they disappeared from the supply chain.
4. Re: Drug cartels are ... by mSparks43 · 2017-10-13 10:25 · Score: 1
  
  pretty sure most of the cartels will have moved over to stealth tor services by now for general coordination and transactions. Opium to Russia/China is mostly US Army rather than cia, Opium into US mostly seems to be Chinese Army. for the rest of illegal pharma, a good portion of the market is private manufacturers with only limited resources. For example that scene in TED2 when they crash into the marujuarna field.
5. Re: Drug cartels are ... by NicknameUnavailable · 2017-10-13 10:35 · Score: 1
  
  That isn't remotely true. The Army was involved in 1 drug massive drug deal and it was some rogue soldiers inclusive of a pilot of a C-130 who were sent on a long mission to Columbia, had too much leeway, and realized they could smuggle coke for a cartel they were supposed to be hunting.
Wait it out... by Anonymous Coward · 2017-10-13 04:20 · Score: 0

DDOS's end eventually
"with special software" ? by Anonymous Coward · 2017-10-13 04:26 · Score: 1

That reads like some CNN/NBC/ABC/FOXNEWS retard shit. What is this "special software" ? is it so special that it can't be named on slashdot? you know, news for nerds, who can handle the name of the 'special software'
1. Re:"with special software" ? by jellomizer · 2017-10-13 04:30 · Score: 1
  
  Port 8080
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
2. Re:"with special software" ? by PCM2 · 2017-10-13 10:04 · Score: 1
  
  It is unfortunate that you would have to fucking read to find out the name of the "special software," even though you already know what it is.
  
  --
  Breakfast served all day!
Bah by nospam007 · 2017-10-13 04:26 · Score: 0

I'm waiting for the _new_ Dread Pirate Roberts.
I know, I keep using that word, but it _does_ mean what I think it means.
1. Re:Bah by bobbied · 2017-10-13 04:38 · Score: 1
  
  But, Wesley is dead.... Or at least mostly dead...
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
2. Re: Bah by Anonymous Coward · 2017-10-13 06:40 · Score: 0
  
  "Shut up, Wesley"
3. Re:Bah by barbariccow · 2017-10-13 09:38 · Score: 2
  
  Not dead, but his unwillingness to try heroin^H^H^H^H^H^H^H The Game ended up saving the crew. Just Say No to Wesley Crusher!
Flooding one end to find the other? by glitch! · 2017-10-13 04:26 · Score: 4, Interesting

I wonder if this is a way of finding the customers. The dark system may hide IP addresses, but if someone can affect the timing on one end, that itself can be a signal. If they can flood one end, maybe they can look for indications of that congestion at the other end.

--
A dingo ate my sig...
1. Re:Flooding one end to find the other? by Opportunist · 2017-10-13 04:37 · Score: 2
  
  Not really good enough. Many TOR sites, dark webbed and otherwise, have atrocious response times. You'd get too many false positives.
  Not that this would discourage our current "arrest them all then have them prove their innocence" law enforcement strategy.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
2. Re:Flooding one end to find the other? by uvajed_ekil · 2017-10-13 12:35 · Score: 1
  
  I wonder if this is a way of finding the customers. The dark system may hide IP addresses, but if someone can affect the timing on one end, that itself can be a signal. If they can flood one end, maybe they can look for indications of that congestion at the other end.
  No one's interested in tracking down customers that way. There are too many of them and they are too small to bother with. The method of combating online illicit drug sales is to take down the sites, since using a collection of seized records makes it a lot easier to find the sellers, and the site owners are considered big fish.
  
  --
  This is a hacked account, for which the owner can not be held responsible.
How does this work? by slashmydots · 2017-10-13 04:30 · Score: 1

If you tried to DDOS anything on the Tor network, you either know the real server's IP address, in which case send it to the FBI. That or you go through some crappy volunteer-run gateway or relay or whatever and I guarantee that would freeze up and disconnect you before a more capable actual web server. So how exactly are they doing this?
1. Re:How does this work? by behrooz0az · 2017-10-13 06:27 · Score: 1
  
  keyword: 'distributed'
  They probably connect to a number of different nodes and DoS the onion address using those?
  I can't be very sure though; It's 'specialized' software; lolz.
  
  --
  Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
Piercing anonymity? by Okian+Warrior · 2017-10-13 04:34 · Score: 5, Interesting

This leads to an interesting question.
We know that the original dark-web protocol allowed state actors to pierce the veil of anonymity by traffic analysis. For example, even though packets were encrypted, you could follow packets of the same length to their destination. Do this multiple times, and you have a statistical certainty of the destination site.
That was fixed, and a similar technique with packet timing was also fixed.
I'm wondering now: can packet *volume* can be used to fingerprint a communication path?
Suppose you could flood a site through the Onion system, and also turn it on and off with a 1-sec resolution. Set up a pattern of on/off packet floods, then see which destinations get flooded during which seconds.
Can you then use traffic analysis to uncover the destination site?
1. Re:Piercing anonymity? by Anonymous Coward · 2017-10-13 05:04 · Score: 3, Informative
  
  Can you then use traffic analysis to uncover the destination site?
  Yes. Which is why it's a requirement of any serious anonymous protocol to send a random amount of traffic. This also translates into genuine uploads/downloads that will transfer at random speeds. It's still not enough because the fact that there is *a* destination translates into a target that can still be figured out by simply blocking routes until you can no longer reach said destination. It's why the more serious networks are decentralized. Yes, there's going to be *a* destination at the beginning, but once the content is pushed out then a lot of other nodes are also destinations. It'd still be possible to do the above attack, but it'd require enough control during times when content is published vs being able to launch the at any time so long as enough nodes are controlled at one time.
  In the end, since the content is considered illegal and the NSA clearly doesn't play by the rules (and the FBI doesn't either considering their willingness to host illegal content) and there's parallel construction, it all comes down to the willingness of law enforcement to spend the resources to actually go after dark web sites. The only thing protecting people today is how bogged down the judiciary system already is with drug arrests, to the point that "a speed trial" is a joke. So, they spend tons of resources to go after low hanging fruit, big players, and a few random others they can nab. The rest just keep going, perhaps with more fear they'll be arrested next time.
2. Re:Piercing anonymity? by barbariccow · 2017-10-13 09:41 · Score: 1
  
  Based on how TOR works, I would think the DDOS would be hurting the entire dark web (by flooding the nodes) in addition to a single server..
Real Question by Anonymous Coward · 2017-10-13 06:27 · Score: 0

How safe is that? I gather trade bitcoin and they send to a P.O. box without a name? Legally, if you pick something up at a mailbox it oK?
1. Re:Real Question by Anonymous Coward · 2017-10-13 07:10 · Score: 1
  
  Get it sent to your usual home address, with the name of a previous tenant/occupier. Plausible deniability. You'll be fine.
Drugs from the Dark Web by Anonymous Coward · 2017-10-13 06:35 · Score: 0

What could possibly go wrong....
I'm paranoid just letting PayPal having my credit card number.
Or wondering if I can order stuff over Ebay.
Just normal stuf. Like an Arduino clone.
So what sort of IDIOT ingests stuff they bought, illegaly, anonymously, over the DARK WEB. My mind boggles.
1. Re:Drugs from the Dark Web by Anonymous Coward · 2017-10-13 09:44 · Score: 0
  
  You don't pay with credit card directly. Also, since the dark web has reviews visible to everybody and street dealers have reviews only by word of mouth, they have much more incentive to not provide bad products.
Re: Inevitable... by Anonymous Coward · 2017-10-13 06:42 · Score: 0

Amazon affiliate spam, please mod down.
When did the definition change? by JohnFen · 2017-10-13 08:48 · Score: 1

The dark web -- a pack of websites that hides their physical location with special software
The "dark web" used to mean websites that weren't indexed in any search engines.
Has the definition changed? Damn, I missed that memo.
1. Re:When did the definition change? by barbariccow · 2017-10-13 09:45 · Score: 2
  
  The Dark Web is the internet that doesn't travel over fibre, thus the data is poorly lit.
2. Re:When did the definition change? by Anonymous Coward · 2017-10-13 11:17 · Score: 0
  
  The "dark web" used to mean websites that weren't indexed in any search engines.
  Has the definition changed? Damn, I missed that memo.
  You've missed nothing. Journalists just fail to grasp the difference between dark web and dark net and use them interchangeably.
3. Re:When did the definition change? by uvajed_ekil · 2017-10-13 12:43 · Score: 1
  
  The "dark web" used to mean websites that weren't indexed in any search engines.
  Has the definition changed? Damn, I missed that memo.
  You've missed nothing. Journalists just fail to grasp the difference between dark web and dark net and use them interchangeably.
  You've missed something: users frequently use the two terms interchangeably now, too. Dark net, dark web, whatever, those are terms they're using for something more specific than their original use, but this is not incorrect, as the shady grey are markets in question fit either definition.
  
  --
  This is a hacked account, for which the owner can not be held responsible.
Is there some new site not being DDOSed? by jandrese · 2017-10-13 08:57 · Score: 1

My first thought is that someone has set up their own drug exchange and is trying to knock the competition offline. Of course since this is TOR a DDOS affects everybody on the network, so it's a bit self defeating.

--

I read the internet for the articles.
Re:Inevitable... by barbariccow · 2017-10-13 09:39 · Score: 1

What's with all the links to products on Amazon today? Are they paying shills on slashdot now?
Probably somebody testing traffic-analysis... by gweihir · 2017-10-13 11:38 · Score: 1

...to find out where the sites are. Normally, the traffic snooping needed to find a hidden service needs to cover a lot of the network. It is unclear whether it is actually possible to do. But maybe you can do better if you flood one or several high-responsiveness target sites, ideally with some very specific patterns. My guess is somebody is testing that now.
An alternate explanation would be that they try to trick the site operators into doing something hasty and stupid.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
awww by Anonymous Coward · 2017-10-13 13:16 · Score: 0

how bloody AWFUL for them.