In a post to the Tor-dev list, nacash, the proprietor of Doxbin, laid out the beginnings of a theory of how Operation Onymous was able to locate, take down, and deface so many Deep Web services this past week. Doxbin was a Deep Web service that allowed the buying and selling of sensitive personal information for use in intimidation. One popular example of Doxbin’s use involved death threats and threats of “swatting” against the judge presiding over the case of alleged Deep Web marketplace operator Ross Ulbricht, of the first Silk Road.
Nacash presented logs from a sustained DDOS that his hidden service endured in August and that, in hindsight, may have started his site’s downfall. According to a Dark Net Market Seizure Forfeiture Complaint, the total number of confirmed Deep Web/Dark Net services that have been taken down, chief among them Silk Road 2.0, is 27. While many government agencies boasted that the total number of “websites” taken down was over 400, most services had several different .onion addresses pointing to the same or different servers.
Government DDOS on the Deep Web
Nacash claims that it is likely that his Deep Web service, as well as the dozens of others brought down by joint government action this past week, was “de-anonymized” through web requests specifically designed to allow meta-correlation of data to track the real (usually hidden) IP addresses of servers hosting infamous Tor sites. Theories circulating on the tor-dev mailing list include one from the founder of Doxbin, which posits that such a DDOS attack is used to force connections to the site’s hidden server through nodes controlled by law enforcement. If law enforcement happened to control a node routing traffic to Doxbin or any other Deep Web site, they would for all intents and purposes be a man in the middle, with all the security risks that entails. More technical information on the potential attack can be found in a write-up by Ars Technica’s IT Editor, Sean Gallagher.