Someone Is Trying to Knock the Dark Web Drug Trade Offline

Joseph Cox, reporting for the Daily Beast: The dark web -- a pack of websites that hides their physical location with special software -- is always a precarious place, with the FBI shutting down massive criminal networks, or competing sites hacking one another. Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any drug a customer could imagine, from LSD to varieties of heroin. As of at least Friday morning, several marketplaces were inaccessible or could only be visited from backup website addresses, and at the time of publication are still facing problems. It's not totally clear who is behind the outages, but the downtime has disrupted the dark-web community somewhat. "We are facing a DDoS attack atm [at the moment] and I guess many other markets as well," a Reddit moderator for the site dubbed Wall Street, one of the affected marketplaces, told The Daily Beast.

i noticed that, too

[turkeydance]

have to hit the street

Probably ...

[PPH]

... big Pharma. Heroin is cutting into their oxycodone sales.

Re:

[Anonymous Coward]

Sounds about right especially since these organizations funding anti drug programs and fighting legalization. https://www.usnews.com/news/articles/2016-09-08/fentanyl-maker-donates-big-to-campaign-opposing-pot-legalization

Re:

[Opportunist]

Not to mention that certain TLAs don't like it when you cut into the way they fill their "funding for special operations".

Re:

[bobbied]

There's no real money in legitimate Oxy sales, it went generic a LONG time ago.

Where I'm sure they don't mind if their wholesalers do, Big Pharma dare not openly engage in illicit production and sales. Regulators would find out quickly if they did and poof, no profits...

Re:

[dj245]

There's no real money in legitimate Oxy sales, it went generic a LONG time ago.

Where I'm sure they don't mind if their wholesalers do, Big Pharma dare not openly engage in illicit production and sales. Regulators would find out quickly if they did and poof, no profits...

Oxycontin may be a generic now, but there's plenty of money in "Oxy" sales. It has just moved on into newer drugs that have "anti-abuse" additives (which don't work very well), more powerful versions for "intractable pain" (which gets prescribed for not-so-intractable pain), long-release versions, etc.

Re:

[freeze128]

Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway.

Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.

Re:Probably ...

[dj245]

Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER, and they would eventually end up selling their PC/laptop/smartphone just to get money for their next fix anyway. Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it was mixed with oxycodone.

You would be surprised. Buying over the internet completely eliminates the risk of getting physically harmed during the transaction. The risk of being robbed is probably about the same. The risk of getting caught by law enforcement is probably less (for reasonably small quantities).

Desperate people living day to day probably aren't using the dark web, but such people probably aren't using Amazon Prime either. There are plenty of affluent drug users, if Hollywood is any indication.

Re:

[Skuld-Chan]

Those Hollywood liberals and their drug use:

http://www.nytimes.com/2006/04... [nytimes.com]

Re:

[bill_mcgonigle]

Somehow, I can't imagine heroin addicts buying their next fix over the internet. It seems more likely that they would need it to be delivered WAY FASTER

It seems like you don't know that many heroin addicts are opioid addicts who couldn't get their prescription meds anymore (largely due to "the war on opiates"). They are accountants, lawyers, and insurance salesmen who had back surgery, etc.

Plus, a local news story about the rising overdoses from Heroin mentions that the Heroin was TOO POWERFUL, because it

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[smooth wombat]

I'm sure the pharmaceutical companies could care less about those using heroin. They're not their customers.

But, since you're on the whole "Big Pharma" canard, think of how much money those companies have left on the table by curing polio and small pox. Think of the money they could be raking in by not finding a solution.

Re:

[murdocj]

Heck, why not blame Obama for it, as long as you don't have anything other than speculation.

Drug cartels are ...

[CaptainDork]

... affected by the "Amazon Effect [slashdot.org]," as well.

U.S. stores have been closing at a faster rate in 2017 than at any time since the recession, an American phenomenon being dubbed "retail apocalypse." Though this has so-far been largely a worry for U.S. retailers, the Wall Street Journal reports that investors in Europe are worried that it is now spreading abroad.

Brick and Mortar retail wishes they could retaliate.

Re:

[NicknameUnavailable]

The Amazon Effect impacts middlemen, not manufacturers. The owners of the drug cartels are the CIA, while the cartels only really focus on distribution as a matter of doing business, and do so at significant PR and monetary costs. They're still stuck with distribution and it's mostly the end dealers or dealers near the end of the chain who use the darknet sites. If any Amazon Effect is involved it's impacting the last 1-2 guys in the distribution chain, but more likely they're the ones using it to avoid

Re:

[Opportunist]

You think the dark web markets would get shut down if the CIA profited from them?

Re:

[NicknameUnavailable]

The point I'm trying to make is that the dark web is irrelevant. The CIA isn't the only one involved, the FBI and DEA have competing interests to shut things down. The misunderstanding here is that the dark web is relevant to the drug trade, it isn't. Anyone with even an ounce of security sense (which the CIA and therefore directly or indirectly, their puppets, have) knows that digital security is a joke between the honeypot sites on the darkweb, the monitoring of the networks they operate on to "conceal

Re: Drug cartels are ...

[mSparks43]

pretty sure most of the cartels will have moved over to stealth tor services by now for general coordination and transactions. Opium to Russia/China is mostly US Army rather than cia, Opium into US mostly seems to be Chinese Army. for the rest of illegal pharma, a good portion of the market is private manufacturers with only limited resources. For example that scene in TED2 when they crash into the marujuarna field.

Re:

[NicknameUnavailable]

That isn't remotely true. The Army was involved in 1 drug massive drug deal and it was some rogue soldiers inclusive of a pilot of a C-130 who were sent on a long mission to Columbia, had too much leeway, and realized they could smuggle coke for a cartel they were supposed to be hunting.

"with special software" ?

[Anonymous Coward]

That reads like some CNN/NBC/ABC/FOXNEWS retard shit. What is this "special software" ? is it so special that it can't be named on slashdot? you know, news for nerds, who can handle the name of the 'special software'

Re:

[jellomizer]

Port 8080

Re:

[PCM2]

It is unfortunate that you would have to fucking read to find out the name of the "special software," even though you already know what it is.

Bah

[nospam007]

I'm waiting for the _new_ Dread Pirate Roberts.

I know, I keep using that word, but it _does_ mean what I think it means.

Re:

[bobbied]

But, Wesley is dead.... Or at least mostly dead...

Re:

[barbariccow]

Not dead, but his unwillingness to try heroin^H^H^H^H^H^H^H The Game ended up saving the crew. Just Say No to Wesley Crusher!

Flooding one end to find the other?

[glitch!]

I wonder if this is a way of finding the customers. The dark system may hide IP addresses, but if someone can affect the timing on one end, that itself can be a signal. If they can flood one end, maybe they can look for indications of that congestion at the other end.

Re:

[Opportunist]

Not really good enough. Many TOR sites, dark webbed and otherwise, have atrocious response times. You'd get too many false positives.

Not that this would discourage our current "arrest them all then have them prove their innocence" law enforcement strategy.

Re:

[uvajed_ekil]

I wonder if this is a way of finding the customers. The dark system may hide IP addresses, but if someone can affect the timing on one end, that itself can be a signal. If they can flood one end, maybe they can look for indications of that congestion at the other end.

No one's interested in tracking down customers that way. There are too many of them and they are too small to bother with. The method of combating online illicit drug sales is to take down the sites, since using a collection of seized records makes it a lot easier to find the sellers, and the site owners are considered big fish.

Re:

[barbariccow]

What's with all the links to products on Amazon today? Are they paying shills on slashdot now?

How does this work?

[slashmydots]

If you tried to DDOS anything on the Tor network, you either know the real server's IP address, in which case send it to the FBI. That or you go through some crappy volunteer-run gateway or relay or whatever and I guarantee that would freeze up and disconnect you before a more capable actual web server. So how exactly are they doing this?

Re:

[Behrooz Amoozad]

keyword: 'distributed'
They probably connect to a number of different nodes and DoS the onion address using those?
I can't be very sure though; It's 'specialized' software; lolz.

Piercing anonymity?

[Okian Warrior]

This leads to an interesting question.

We know that the original dark-web protocol allowed state actors to pierce the veil of anonymity by traffic analysis. For example, even though packets were encrypted, you could follow packets of the same length to their destination. Do this multiple times, and you have a statistical certainty of the destination site.

That was fixed, and a similar technique with packet timing was also fixed.

I'm wondering now: can packet *volume* can be used to fingerprint a communication path?

Suppose you could flood a site through the Onion system, and also turn it on and off with a 1-sec resolution. Set up a pattern of on/off packet floods, then see which destinations get flooded during which seconds.

Can you then use traffic analysis to uncover the destination site?

Re:

[Anonymous Coward]

Can you then use traffic analysis to uncover the destination site?

Yes. Which is why it's a requirement of any serious anonymous protocol to send a random amount of traffic. This also translates into genuine uploads/downloads that will transfer at random speeds. It's still not enough because the fact that there is *a* destination translates into a target that can still be figured out by simply blocking routes until you can no longer reach said destination. It's why the more serious networks are decentral

Re:

[barbariccow]

Based on how TOR works, I would think the DDOS would be hurting the entire dark web (by flooding the nodes) in addition to a single server..

Re:

[Anonymous Coward]

Get it sent to your usual home address, with the name of a previous tenant/occupier. Plausible deniability. You'll be fine.

When did the definition change?

[JohnFen]

The dark web -- a pack of websites that hides their physical location with special software

The "dark web" used to mean websites that weren't indexed in any search engines.

Has the definition changed? Damn, I missed that memo.

Re:

[barbariccow]

The Dark Web is the internet that doesn't travel over fibre, thus the data is poorly lit.

Re:

[uvajed_ekil]

The "dark web" used to mean websites that weren't indexed in any search engines.

Has the definition changed? Damn, I missed that memo.

You've missed nothing. Journalists just fail to grasp the difference between dark web and dark net and use them interchangeably.

You've missed something: users frequently use the two terms interchangeably now, too. Dark net, dark web, whatever, those are terms they're using for something more specific than their original use, but this is not incorrect, as the shady grey are markets in question fit either definition.

Is there some new site not being DDOSed?

[jandrese]

My first thought is that someone has set up their own drug exchange and is trying to knock the competition offline. Of course since this is TOR a DDOS affects everybody on the network, so it's a bit self defeating.

Probably somebody testing traffic-analysis...

[gweihir]

...to find out where the sites are. Normally, the traffic snooping needed to find a hidden service needs to cover a lot of the network. It is unclear whether it is actually possible to do. But maybe you can do better if you flood one or several high-responsiveness target sites, ideally with some very specific patterns. My guess is somebody is testing that now.

An alternate explanation would be that they try to trick the site operators into doing something hasty and stupid.