Top Dark Net black market pauses operations due to Tor vulnerability

New research shows it may be easier than expected to deanonymize users.


Patrick Howell O'Neill


Posted on Aug 26, 2015   Updated on May 28, 2021, 2:26 am CDT

Agora, the largest and oldest surviving Dark Net market, paused operations on Wednesday due to reported vulnerabilities in Tor found by recent research, according to the market’s owners.

Normally an island of stability in a sea of chaos, Agora handles millions of dollars per year for its top vendor, a huge chunk of the Dark Net drug trade. As such, its pause is a major seismic shift for black markets on the Dark Net. 

The attack cited by Agora’s owners reportedly allows adversaries to learn which hidden websites a Tor user visits, as well as the websites’ locations, with up to 88 percent accuracy. 

The new research showed that the amount of resources required to deanonymize a hidden service like Agora was “much lower than expected,” Agora’s owners explained, “and in our case we do believe we have interested parties who possess such resources.”

Tor co-creator Roger Dingledine called the research “well-written” last month but stressed that this sort of research has “historically overestimated the risks for users.”

A solution at Agora is in the works, but it will take time to implement “big changes to our software stack, which we believe will mitigate such problems,” Agora’s owners wrote. “Additionally, we have recently been discovering suspicious activity around our servers, which led us to believe that some of the attacks described in the research could be going on, and we decided to move servers once again, however this is only a temporary solution.”

You can read the research below.

As of a May 2015 census, the drug-focused market accounted for 37 percent of all Dark Net product listings. It sold especially high volumes of marijuana, ecstasy, prescription drugs, and stimulants.

Agora has been operating since late 2013 after the original Silk Road was seized by the FBI. Although it immediately found some success, the market ballooned in size over the last year as a result of other markets falling to police action and theft.

Agora’s handling of the pause stands in stark contrast to other Dark Net markets that have shut down only to steal their customers’ money and run when faced with similar threats. 

Agora’s lifespan has been marked by several pauses in the name of security, most of which were handled with a high level of professionalism rarely seen on the Dark Net.

H/T Moustache | Photo via Laurel F/Flickr (CC BY-SA 2.0) | Remix by Max Fleishman

Share this article
*First Published: Aug 26, 2015, 10:01 am CDT