Silk Road 2.0 Hit by 'Sophisticated' DDoS Attack

An advanced DDoS attack has forced online black market Silk Road 2.0 to suspend services to maintain security.

AccessTimeIconSep 15, 2014 at 12:37 p.m. UTC
Updated Sep 11, 2021 at 11:10 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Online black market Silk Road 2.0 experienced a distributed denial-of-service (DDoS) attack last week, which forced the site’s administrators to temporarily suspend services.

News of the attack broke on bitcoin forums hours after it started, with the Silk Road team soon confirming the news via its own forums.

For reasons that are less clear, black market Agora has faced outage issues problems of its own in the last few days.

Silk Road remains defiant

Silk Road 2.0 moderator 'Defcon' issued a statement saying that the site was facing a “very sophisticated” DDoS attack using the most advanced methods the site has experienced to date.

The moderator said:

“The dev team is working around the clock to get marketplace service restored, as well as watch the security of our systems closely. Much of the downtime you have seen is intentional on our part: if this is an attempt to locate our servers through packet analysis, we do not want to make it easy for our adversary and would rather be offline while we adapt our defences.”
Silk-rd-20-Screenshot-Ddos
Silk-rd-20-Screenshot-Ddos

As the attack continued, Silk Road 2.0 remained offline.

Defcon eventually issued a second update, indicating that the team is trying out different approaches to blocking the inbound DDoS. He stressed that the site is still processing withdrawals, although these have been delayed by the attacks. Silk Road 2.0 is aware that cashflow is very important and the site is therefore prioritising delayed withdrawals, the moderator added.

Defcon ended the update on a defiant note:

“To our adversaries: you cannot stop us. We will overcome every attack.”

Questions persist

Silk Road 2.0 vendors started reporting problems earlier last week, before the site was finally forced to shut down. Despite official updates, the outage prompted a number vendors to raise questions about the impact of the attack.

Silk Road 2.0 was targeted by hackers in the past: last February, the site lost 4,476 BTC to an alleged hack, worth over $2.6m at the time. The attack was blamed on a transaction malleability exploit used by one of the vendors.

The site decided to compensate affected customers and, by late May, it said more than 80% of bitcoins stolen in the alleged heist have been repaid to the victims.

The source and goal of the latest attack remains unclear. Speculation is mounting that the attack was in fact launched by law enforcement in an attempt to ascertain the location of Silk Road 2.0 servers, while other users believe the attack was launched by criminals or competitors.

Following the February hack, Silk Road 2.0 said it would introduce a multi-signature wallet system to replace its previous escrow platform. A multisig system should be less vulnerable to hackers, but has not been fully implemented yet.

Online black market Agora faces outage

Silk Road 2.0 is not the only black market suffering outage issues. While Silk Road 2.0 was struggling to restore services, which it eventually did late on Friday, competing market Agora went offline.

Agora users started reporting intermittent problems on Saturday. The site was out of action over much of the weekend and had still not become available by press time (12:15 BST, Monday).

Agora outage
Agora outage

The reason for the outage remains unclear. Earlier this month, Agora confirmed that it was suffering from availability issues on a regular basis. However, the team offered an extensive explanation into the inner workings of the market and the need for security, saying it considers that more important than around-the-clock availability.

The Agora team said at the time:

"Our primary goal is to stay hidden from law enforcement agencies and secure from hackers. We implement much more security measures than many others, which causes problems with availability."

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.