- Dread is going through intermittent disruptions as someone is DDoSing its servers.
- The platform will scale up soon, but if the attacker follows suit, it will affect the Tor network itself.
- This is a situation that calls for the action of the Tor Project once again, as the network is already breaking.
Dread is a Reddit-like forum on the dark web where anonymous users gather to discuss anything, from darknet market offerings to casual tech news. It has been around since 2018, and it has suffered little disruption considering what’s generally the case on the dark web.
One exception to that is an October 2019 event of a mass-exploitation of a Tor vulnerability used to launch DDoS attacks against Dread and other big dark web platforms. Recently, the forum has experienced a similar attack that forced it to go on and off intermittently, so one of its admins came out to explain what’s going on.
As the person illustrated on Reddit (Dread was down), an unknown attacker is persistently overloading the platform creating a DDoS-induced downtime situation. They are currently working non-stop to configure new servers and spread out the load, but the outcome of this mitigation is uncertain due to the massive volume of the attack.
It is such that if the attacker scales up as a response, it could crash the network to the point that no one will be able to connect to Tor. Already, there are instances of other services being affected because of guard node knock-outs.
Once Dread scales up, the attacker may back off, as it could be hard for them to respond to the new DDoS requirements. That would have the site return to normal uptime, and the Tor network becoming freed from the burden. If the attacker has the resources to scale up and meet the new demand, everything will go down.
The poster said this is unlikely as nobody (in the cybercrime space) would benefit from it, but it could theoretically happen anyway. After all, this may not be an action from a competitor, but from law enforcement authorities, for example. Or it could be an actor determined to take down one of the most resilient dark web platforms of recent years.
Tor is also working on a fix to the exploited bug, but the timeline for that goes a long way, so salvation is not expected to come from there soon. If the scaling up happens, though, the pressure will be on the Tor Project to expedite the release of the fix. As the poster characteristically writes: “Either way this will be a rollercoaster and I invite you all on the ride, it's one for the history books.”