Tor networks hit by wave of DDoS attacks

DDoS attack
(Image credit: FrameStockFootages / Shutterstock)

For the past seven months, anonymous communications platform Tor has been experiencing different types of Distributed Denial of Service (opens in new tab) (DDoS) attacks causing outages and slowdowns for users, the company has revealed.

In a company blog post (opens in new tab), Tor project executive director Isabela Dias Fernandes said the attacks would be sometimes be so severe that users would experience slow page loads, or in more extreme cases, the pages wouldn’t load at all.

The project’s engineers are “working hard” to tackle the problem, she added, but also said that the methods and targets change over time, forcing the project to adapt as the attacks continue. 

I2P attacked, too

So far, no one stepped forward to claim responsibility for the attacks, and Tor was not able to determine the attackers’ identities, or motives. “We will continue to increase and tweak defenses on the Tor network to combat this problem,” Fernandes concluded. 

While Tor might not know who is behind the attacks, users suspect nation-states might have something to do with it, mostly because another similar project has been experiencing similar aggravating circumstances. 

BleepingComputer also reported that the peer-to-peer network Invisible Internet Project (I2P) has also been under heavy DDoS attacks, for at least three days. The attacks forced some i2pd routers to crash with out-of-memory errors, rendering the service poor, or completely unusable, to some users. 

"As you already know, the I2P network has been targeted by a Denial-of-Service attack for the past ~3 days. The attacker is flooding the network with malicious floodfill routers, which are responding incorrectly or not at all to other routers and feeding the network false information," the project announced in a Reddit thread. 

"This results in performance and connectivity problems, because the floodfills provide peer information to the participants in the network. The result is a form of sybil attack which is used to cause widespread denial of service. This attack has degraded the performance of the network but it remains intact and usable. Java I2P routers still appear to be handling the issues better than i2pd routers. Various mitigations should appear in dev builds of both Java and C++ routers in the next week."

Via: BleepingComputer (opens in new tab)

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.