We have heard about DDoS attacks which are the type of attacks that disrupt an entire service. Basically, DoS attacks are called Denial of Service attacks and they take down the service. These are now known to be used many times for hacking or intruding into someone’s network.
We have just found out a new place where these attacks were used. For many years, DoS attacks were done on the dark web or .onion websites to launch distributed denial of service or DDoS.
Now, we have known that all this was possible only because of a bug present in the Tor Project. If you are unaware of the dark web, Tor is the only browser that can access dark web websites. So this is the one and only option if you need to browse any .onion websites. Since there was a bug, attackers used to exploit it to a great extent.
Now, ZDNet reports that the bug fix is on its way and the Tor protocol 0.4.2 release will fix this bug. Talking about the attacks, they would take place on a server hosting .onion websites which means the entire website will go down.
One of the reasons why this bug has not been fixed even after developers being aware of it is believed to be that because the bug also exploits the same process which needs to happen to establish a legitimate user’s connection.
Also, the lack of human power is believed to be one of the reasons for not fixing this bug yet. Anyways, the bug is now being fixed which means that dark web websites will no longer have to go through the same DDoS attacks.
One of the main problems was that there’s no way a website or its server can identify the connection is from an attacker or legit user unless it has established a connection. By that time, it was already too late.