As seen by ZDNet in an in a bug report, developers at Tor Project are finally making a patch for the bug that’s affecting onion sites with DDoS attacks. This action was requested by both Tor users and site owners, who were pushed by the recent wave of DDoS attacks. The upcoming patch may not mitigate the threat completely, but offers tools to lessen the attack.
Tor Team to Fix a Bug Causing DDoS Attacks
The Tor Project is a novel concept appreciated for offering a secure way to surf the web. Yet, it’s vested with several vulnerabilities that aren’t, or say unable to be looked after by the small team it has. And since the service is free and users donations are peanuts to maintain the service, it takes time for patching any reportedly bugs in it.
One such bug has been causing headache to the community since so long, where it’s exploited by many threat actors to bring down their targeted site. The bug, wasn’t reported where it’s existing, can trigger DDoS attacks in the onion service of the Tor system. To understand this, you should be having an idea of how a DDoS attack is performed.
Every website you visit, whether in the Tor network or the surface internet, will be procuring data from its respective server located elsewhere. The data facilitating server is limited to its capacity of a certain extent, after which it cannot facilitate the data requests from the user’s website anymore. This causes the service to crash, and display nothing as you desired.
This can hinder the services to legitimate users, thus making the platform (website) useless. Several darknet websites have been plagued by this type of attack since years – all because of a bug which is set to be patched soon. Many sites like Dream Market has shut down unable to take the continuous attacks, while some has suggested their users to donate to Tor for making a patch.
And this worked, as the Tor project has taken up this at priority and seen working on this. A patch for this bug cannon mitigate the attack completely, as it’s difficult to differentiate between legitimate and malicious requests, thus it’s only there to lessen the attack, which makes the response time longer in case it’s attacked.