"Oh great! Now how am I going to order my heroin online?"
That's probably not a sentence you've ever had to utter at your computer screen. That is, unless you happen to be a loyal customer of the Silk Road, a deep-web black market that was recently shut down by a distributed denial-of-service (DDoS) attack that has the site's administrator scrambling for solutions.
Multiple news outlets report that the illicit virtual marketplace was shut down for at least 72 hours this week by a series of sustained DDoS attacks. The site is up and running again, but a statement from the Silk Road's anonymous administrator, alias “Dread Pirate Roberts,” alludes to some potentially critical security concerns for the "Amazon of Drugs."
"We have come a long way in the battle, but still do not have the upper hand. It’s looking more and more like a restructuring of the tor software or even the tor network will be required to mitigate the kind of attack we are under. If this can be solved by modifying the tor client software running the silk road .onion, then it will be a matter of patching and redeploying the hidden service. If it is a network issue, it will require the cooperation of the Tor developers, or running a new network of nodes. I haven’t given up hope for a faster solution, but if one can not be found, then we will move to a semi private scheme where users will be given access through many private URLs. I’ll keep everyone updated on how we will move forward, but please be prepared for a few more days at the least of no access."
That statement, made by Dread Pirate Roberts on the site's public forum, makes the problems seem much more systemic than originally thought. After a brief shutdown earlier in the week, Roberts was much more boastful of his site's ability to thwart hackers. But when a second attack followed shortly thereafter, it became clear to site administrators and security experts that the Silk Road was facing a much bigger threat.
"The short time difference between this last attack and the current one, and the fact that both attacks have managed to bring the site down for over 36 hours, provides some evidence suggesting that the perpetrators of the two attacks are one and the same," writes Vitalik Buterin of Bitcoin Magazine. "This paints a grim picture of the assailant: a person, or organization, that is highly intelligent, has a lot of resources at their disposal, and is not willing to give up."
Buterin and others have called the attack very sophisticated, in part because the Silk Road is a constantly moving target. As the web's largest haven for illicit contraband (mostly drugs), the site has a constantly changing URL that won't show up in conventional search engines and is only accessible through the anonymous browsing service Tor. The site makes use of the digital currency Bitcoin to avoid becoming entangled with bank accounts or regulated currency.
The attackers in this case have managed to navigate an elaborate network of Tor connections to reach the site and flood it with connections from a botnet—a “zombie army” of hacked computers—in order to make it crash. It's unclear what the motivation for the attack is, but there are reports that the attacker(s) have demanded a $5,000 ransom to restore service and discontinue the attacks.
News.com.au reports that a Silk Road administrator is offering $5,000 to anyone with any "information that leads to the arrest and conviction of whoever is behind this extortion attempt."
This isn't the first time the Silk Road has faced a highly publicized security threat. In March, a Reddit user claimed to have the marketplace's real IP address, which law enforcement could use to track down its owners.