decrypt.co
All modern Onion addresses on the anonymous browser network, Tor, went offline yesterday after a bug held up the system. Signs point to a DDoS attack, and the disruption caused some users of Bitcoin privacy wallet Wasabi to suffer connection issues.
“It appears that somebody made their own Tor implementation that fetches directory info in a very rude way”...a custom DDoS tool?” said Roger Dingledine, a Tor reporter, yesterday. Then, the system overload exposed a bug that kept the network offline.
Black marketplaces White House Market and Asean Market, message board 8chan, and Julian Assange’s WikiLeaks were among dozens of popular sites taken offline by the bug.
Due to an implementation bug, v3 onion services were experiencing instability earlier today.
A bug fix is on the way.
Everything else in Tor works fine even when the consensus is a few hours old, and v3 onion services should too.👇— The Tor Project (@torproject) January 10, 2021
Wasabi, which funnels its traffic through Tor, said today in a blog post that some of its users experienced connection issues as a result. All in all, though, Wasabi managed to withstand the attack automatically, even though it uses modern v3 addresses that brought other sites offline.
“Most of our users haven't noticed any interruptions because Wasabi was able to recover automatically. There were a few users who encountered intermittent Tor connection issues. But in most of these cases, restarting the Tor client solved the problem,” the company wrote.
Wasabi Wallet tunnels traffic through Tor to encrypt transactions. It connects users to random Bitcoin p2p nodes, using Tor to obscure transactions so that it’s almost impossible to work out how funds flow across blockchains.
Wasabi wasn’t thwarted by the bug because it has a fallback system that connects with the regular internet through Tor. “This allows the user to continue to operate, even in unusual/offline onion backend conditions,” it said.
More on the way
Denial of service attacks are on the up. According to an August 2020 report from cybersecurity company Kaspersky, DDoS attacks increased three-fold in the second quarter of 2020 compared to the same period in 2019.
Kim Crawley, cybersecurity expert and author of The Pentester Blueprint, told Decrypt that Tor sites are vulnerable because they “are not able to use services like Cloudflare to mitigate DDOS attacks.”