tea pill stock art

New research shows it may be easier than expected to deanonymize users.

Agora, the largest and oldest surviving Dark Net market, paused operations on Wednesday due to reported vulnerabilities in Tor found by recent research, according to the market’s owners.

Normally an island of stability in a sea of chaos, Agora handles millions of dollars per year for its top vendor, a huge chunk of the Dark Net drug trade. As such, its pause is a major seismic shift for black markets on the Dark Net. 

The attack cited by Agora’s owners reportedly allows adversaries to learn which hidden websites a Tor user visits, as well as the websites’ locations, with up to 88 percent accuracy. 

The new research showed that the amount of resources required to deanonymize a hidden service like Agora was “much lower than expected,” Agora’s owners explained, “and in our case we do believe we have interested parties who possess such resources.”

Tor co-creator Roger Dingledine called the research “well-written” last month but stressed that this sort of research has “historically overestimated the risks for users.”

A solution at Agora is in the works, but it will take time to implement “big changes to our software stack, which we believe will mitigate such problems,” Agora’s owners wrote. “Additionally, we have recently been discovering suspicious activity around our servers, which led us to believe that some of the attacks described in the research could be going on, and we decided to move servers once again, however this is only a temporary solution.”

You can read the research below.

As of a May 2015 census, the drug-focused market accounted for 37 percent of all Dark Net product listings. It sold especially high volumes of marijuana, ecstasy, prescription drugs, and stimulants.

Agora has been operating since late 2013 after the original Silk Road was seized by the FBI. Although it immediately found some success, the market ballooned in size over the last year as a result of other markets falling to police action and theft.

Agora’s handling of the pause stands in stark contrast to other Dark Net markets that have shut down only to steal their customers’ money and run when faced with similar threats. 

Agora’s lifespan has been marked by several pauses in the name of security, most of which were handled with a high level of professionalism rarely seen on the Dark Net.

H/T Moustache | Photo via Laurel F/Flickr (CC BY-SA 2.0) | Remix by Max Fleishman

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a senior reporter at the Daily Dot. He reports on security and politics.

Police Bitcoin theft gives Silk Road defense team a plan of attack
Attorney says the admitted theft of $400,000 from Silk Road undermines the state's case against Ross Ulbricht.
From Our VICE Partners

Pure, uncut internet. Straight to your inbox.