Dread is Back Online

The recent DDoS attack seems to stop for now, Paris has announce that he has bought 2 new servers that should stop Dread from coming down in the coming days.
The attack seems to be extremely strong, but not one that is being carried out by any government agency.

A few Darknet Markets have announced that they have also mitigated the attack and now are online.

The attack has caused a massive load on the Tor network as can be seen on the service traffic on Tor metrics.

Paris full statement on the matter-

A very eventful couple days. Someone is putting a whole lot of money and power behind this attack. We are up and stable and should remain that way. It's been extremely costly for not only us (I've literally bought out two separate hosting companies server overstock) but also the Tor network. Guard node failure rate is about 16% cluster wide. I've deployed a custom tweaked vanguard configuration which I hope will help reduce the overall guard node failure to prevent relay sniping and help with network health a bit. If you do not spread out the guard load over multiple guards this attack will kill the default guards. Double (if not triple) the vanguard configuration num layer 1-3 guards, disable bandguards and rendguard (if introduction cell attack), set circ_max_age_hours to 1 or to what you have in your endgame session timeout, then restart the service.

Of course you can see the spike in onion service traffic on Tor metrics. It's very much real. It's very much powerful. And it's very much killing the Tor network. To get some extra understanding. While introduction attacks don't increase the bandwidth that much the amount of circuits on the network will hurt throughput in an exponential way. As less and less circuits are being completed and as more and more relays are crashing it has an exponential effect on the network.

The V2 addresses can't be protected in the same way that V3 addresses can be protected. While they are not specifically targeted, spending resources on something which is a literal hole in the cluster protection is something we can not afford right now. I'll be moving recon over to V3. It's long overdue.

Distinct descriptors on onionbalance is primary reason why dread is online right now. I'll be making a technical write-up about the scaling process, configuration, and attack overviews after this is all done.

Remember if we can get online, so can you. NEVER pay an extorter. This is the result of assholes taking advantage of conflicts, amplifying them, and breaking down systems. I personally don't believe this attack is governmental backed. It's too dirty. This is inter-community conflict. Don't let yourself be consumed by speculation and rumors. For all the people just trying to live your life, I get the frustration, and while there seems like there is nothing you can do to help there is. The Tor network needs more relays. Badly. If you want this to stabilize you can help that by getting high powered (aka very high clocked at least 4GHz a core) gaming server relays online and added to the network. It will help with the load, speed up the connections, and stabilize existing connections.

Recon will be up within the next day. 

Here on DarknetOne will keep you updated on any new development.

Leave a Reply

Your email address will not be published. Required fields are marked *