Silk Road Under DDoS Attack
The Silk Road, the worlds largest online anonymous market famous for its wide collection of illicit drugs and its use of Tor and Bitcoin to protect its users privacy, reports that it is currently being subjected to what may be the most powerful distributed denial-of-service attack against the site to date. The site has now been inaccessible for roughly two days, although the official forums continue to be online and some users have even reported brief intermittent periods of availability for the main site as well. One possible motivation behind the attack is a ransom attempt; Australian news media is reporting that the Silk Road had received a message demanding a payment of $5,000 on April 27. However, evidence of this is scant; the claim does not appear anywhere in Silk Road administrator Dread Pirate Roberts public forum posts, his primary (if not only) medium of public communication.
Regarding the current status of the attack, Roberts has posted a public update on the situation on the official forum, writing the following:
We have come a long way in the battle, but still do not have the upper hand. Its looking more and more like a restructuring of the tor software or even the tor network will be required to mitigate the kind of attack we are under. If this can be solved by modifying the tor client software running the silk road .onion, then it will be a matter of patching and redeploying the hidden service. If it is a network issue, it will require the cooperation of the Tor developers, or running a new network of nodes. I havent given up hope for a faster solution, but if one can not be found, then we will move to a semi private scheme where users will be given access through many private URLs. Ill keep everyone updated on how we will move forward, but please be prepared for a few more days at the least of no access.
This is not the first major outage for Silk Road; in November 2012, following a combination of technical difficulties and a sudden growth in usage the website was down for an entire week. However, the words of Dread Pirate Roberts strongly suggest that this attack is not like the others. First of all, this is not the first DDoS attack to take place within the past week an earlier attack had taken the site down for 36 hours between April 24 and April 26. After successfully bringing the Silk Road back online, Dread Pirate Roberts released a public message announcing his victory and even praising the attackers intellect, writing I have zero respect for the attackers tactics, but I have huge respect for his intellect, giving me confidence that we can and will overcome any future technology-based attacks on Silk Road. The short time difference between this last attack and the current one, and the fact that both attacks have managed to bring the site down for over 36 hours, provides some evidence suggesting that the perpetrators of the two attacks are one and the same. This paints a grim picture of the assailant: a person, or organization, that is highly intelligent, has a lot of resources at their disposal, and is not willing to give up.
Second, the fact that Dread Pirate Roberts is even talking about moving to a semi-private scheme that is, requiring users to jump through hoops to obtain a Tor address at which to access the site, is another sign that this attack is very serious. One of the main attractions of the Silk Road is that anyone, even those who have no connections or knowledge of where to find illicit products on the street, can purchase a wide assortment of goods from an interface that is, once Tor and Bitcoin are set up, no harder to use than Amazon or eBay. Requiring new users to, say, go on reddit.com/r/silkroad and ask for a semi-private address to access the site would seriously hamper adoption and, equally importantly, create a central point of failure. Law enforcement could easily pressure Reddit to take down r/silkroad and play a constant cat-and-mouse game with the Silk Road community as they attempt to find other portals on which to set up a public entrance point a game that law enforcement would never be able to win, but which would nevertheless make it even more difficult for new users to join.
In the meantime, there are two other online black markets available that Silk Road users can use as a fallback: Black Market Reloaded and Atlantis. Black Market Reloaded recently released statistics that showed that the site was doing quite well: its monthly trade volume is now up to $750,000 per month, over a third of the $2 million per month figure estimated for Silk Road by Carnegie Mellon researchers last summer. Its selection of goods is now as large as that of Silk Road, as since Silk Roads last major outage in November a large number of Silk Road sellers have started maintaining profiles on both. However, the infrastructure is not yet as well-developed; some Silk Road users complain that Black Market Reloaded has a much weaker consumer protection framework and it is harder to find vendors with an established reputation that can be trusted. Atlantis is currently very small; the site was only released this year in March, and less than a thousand different goods are offered for sale. Its main attraction: supporting Litecoin as well as Bitcoin.
Of course, these two markets themselves are safe from attack; if the attacker currently targeting the Silk Road is doing so with the intent of disrupting all Tor-based crypto-commerce, they can easily add Black Market Reloaded and Atlantiss Tor addresses to their list of targets and expand the attack. It is likely that the two fledgling competitors would fare even more poorly than the Silk Road, as they have not had the prior experience handling DDoS attacks than the Silk Road had. As for the Silk Road itself, the latest word from Dread Pirate Roberts is that he is still working on a solution. Whether the Silk Road will emerge from this attack unscathed or not is a question the answer to which is unfolding with each passing second, and tens of thousands of people are watching to find out.