Slashdot Mirror


Someone Is Trying to Knock the Dark Web Drug Trade Offline (thedailybeast.com)

Joseph Cox, reporting for the Daily Beast: The dark web -- a pack of websites that hides their physical location with special software -- is always a precarious place, with the FBI shutting down massive criminal networks, or competing sites hacking one another. Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any drug a customer could imagine, from LSD to varieties of heroin. As of at least Friday morning, several marketplaces were inaccessible or could only be visited from backup website addresses, and at the time of publication are still facing problems. It's not totally clear who is behind the outages, but the downtime has disrupted the dark-web community somewhat. "We are facing a DDoS attack atm [at the moment] and I guess many other markets as well," a Reddit moderator for the site dubbed Wall Street, one of the affected marketplaces, told The Daily Beast.

  1. Probably ... by PPH · · Score: 4, Insightful

    ... big Pharma. Heroin is cutting into their oxycodone sales.

    --
    Have gnu, will travel.
    1. Re:Probably ... by dj245 · · Score: 3, Informative

      Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway. Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.

      You would be surprised. Buying over the internet completely eliminates the risk of getting physically harmed during the transaction. The risk of being robbed is probably about the same. The risk of getting caught by law enforcement is probably less (for reasonably small quantities).

      Desperate people living day to day probably aren't using the dark web, but such people probably aren't using Amazon Prime either. There are plenty of affluent drug users, if Hollywood is any indication.

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
  2. Flooding one end to find the other? by glitch! · · Score: 4, Interesting

    I wonder if this is a way of finding the customers. The dark system may hide IP addresses, but if someone can affect the timing on one end, that itself can be a signal. If they can flood one end, maybe they can look for indications of that congestion at the other end.

    --
    A dingo ate my sig...
  3. Piercing anonymity? by Okian+Warrior · · Score: 5, Interesting

    This leads to an interesting question.

    We know that the original dark-web protocol allowed state actors to pierce the veil of anonymity by traffic analysis. For example, even though packets were encrypted, you could follow packets of the same length to their destination. Do this multiple times, and you have a statistical certainty of the destination site.

    That was fixed, and a similar technique with packet timing was also fixed.

    I'm wondering now: can packet *volume* be used to fingerprint a communication path?

    Suppose you could flood a site through the Onion system, and also turn it on and off with a 1-sec resolution. Set up a pattern of on/off packet floods, then see which destinations get flooded during which seconds.

    Can you then use traffic analysis to uncover the destination site?

    1. Re:Piercing anonymity? by Anonymous Coward · · Score: 3, Informative

      Can you then use traffic analysis to uncover the destination site?

      Yes. Which is why it's a requirement of any serious anonymous protocol to send a random amount of traffic. This also translates into genuine uploads/downloads that will transfer at random speeds. It's still not enough because the fact that there is *a* destination translates into a target that can still be figured out by simply blocking routes until you can no longer reach said destination. It's why the more serious networks are decentralized. Yes, there's going to be *a* destination at the beginning, but once the content is pushed out then a lot of other nodes are also destinations. It'd still be possible to do the above attack, but it'd require enough control during times when content is published vs being able to launch the attack at any time so long as enough nodes are controlled at one time.

      In the end, since the content is considered illegal and the NSA clearly doesn't play by the rules (and the FBI doesn't either considering their willingness to host illegal content) and there's parallel construction, it all comes down to the willingness of law enforcement to spend the resources to actually go after dark web sites. The only thing protecting people today is how bogged down the judiciary system already is with drug arrests, to the point that "a speedy trial" is a joke. So, they spend tons of resources to go after low-hanging fruit, big players, and a few random others they can nab. The rest just keep going, perhaps with more fear they'll be arrested next time.