grandeduc - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Tor vulnerabilities make the Dark Web too risky for the black market

The Dark Web is where many shady deals can happen on the Internet, but Tor vulnerabilities have made it too risky for one of the largest online black markets to stay in business.

Tor vulnerabilities are making the Dark Web unsafe for criminals these days. The Agora black market has decided...

to shut down and move its operations because of flaws in the Tor Hidden Service protocol that could expose server locations.

In July, researchers at MIT disclosed ways to successfully attack Tor servers. And in doing so, the location of a hidden server could be inferred by analyzing the traffic patterns and data passing through the Tor network.

The Agora market had been a place to purchase a wide range of illegal products, but it was best known as the successor to the Silk Road drug marketplace, which had been the most popular on the Dark Web.

In a post that was re-shared to Reddit, Agora's administrators said that users should not consider deposit addresses safe, and warned vendors of the illicit goods sold through the site "to abort any orders that haven't been sent out or processed yet." However, it was said that the market data, including user history and profile data, would remain intact once the site was reopened.

The Agora admin warned that it would be unsafe to keep users on the service, so the operations will be shut down for now.

"We have a solution in the works which will require big changes into our software stack which we believe will mitigate such problems, but unfortunately it will take time to implement," the Agora admin wrote. "Additionally, we have recently been discovering suspicious activity around our servers which led us to believe that some of the attacks described in the research could be going on and we decided to move servers once again, however this is only a temporary solution."

Next Steps

Learn how a Dark Web scanner could cut down on data breach detection time

Dig Deeper on Web security tools and best practices