Someone Is Trying to Knock the Dark Web Drug Trade Offline
Four of the world’s key illicit marketplaces—Dream, Tochka, Trade Route, and Wall Street—went down suddenly on Friday. And no one seems to know why.
The dark web—a pack of websites that hides their physical location with special software—is always a precarious place, with the FBI shutting down massive criminal networks, or competing sites hacking one another.
Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any drug a customer could imagine, from LSD to varieties of heroin. As of at least Friday morning, several marketplaces were inaccessible or could only be visited from backup website addresses, and at the time of publication are still facing problems. It’s not totally clear who is behind the outages, but the downtime has disrupted the dark-web community somewhat.
“We are facing a DDoS attack atm [at the moment] and I guess many other markets as well,” a Reddit moderator for the site dubbed Wall Street, one of the affected marketplaces, told The Daily Beast. A DDoS, or distributed-denial-of-service attack, is when someone bombards a website with so many requests that it becomes overwhelmed, and stops letting in its usual users.
Sites in the dark web use a piece of software and related network called Tor. This masks their location, so law enforcement shouldn’t be able to just identify which company is hosting the website and demand they take it down or hand over evidence. Dark-web market customers also use Tor to conceal where they are connecting from. Combined with the pseudo-anonymous currency bitcoin, or one of several similar spinoffs, marketplaces on the dark web allow people around the globe to order a cornucopia of drugs, or items such as stolen credit cards, relatively easily and securely.
One site going offline is pretty normal—dark-web marketplaces often dip in and out of connectivity, perhaps due to security upgrades, technical issues, or, sometimes, attacks. But having the four main markets—Dream, Tochka, Trade Route, and Wall Street—all go down at once is unusual. Another site, RSClub, which focuses more on cybercrime and fraud, is also inaccessible.
“It might suggest they’re all on same infrastructure,” Alan Woodward, a computer-science professor at the University of Surrey with a focus on cybercrime, told The Daily Beast, meaning that perhaps these sites are hosted by the same company. That remains unclear, however—the attacker could simply be DDoSing each of the markets simultaneously by visiting the websites over and over again, rather than attacking their hosting company.
Some of the markets have directed customers to alternative URLs: ones the attacker apparently hasn’t affected. In The Daily Beast’s tests at the time of writing, three alternative addresses for Dream are accessible, and one for Wall Street.
Although the motivation behind these attacks is not clear, sometimes rival marketplaces hack or DDoS each other to draw affected customers to their own digital drug shops. In the case of Silk Road 2, a market that operated in 2014 until the following year, one of the site’s administrators ordered a hack of a competing market, according to internal communications previously obtained by this reporter. And independent hackers often try to take markets offline and demand a ransom payment from the site administrators.
A former dark web administrator told The Daily Beast, “an attack on the market was just part and parcel of the role. The world of dark net markets is no different than that of legitimate business, other than the lack of a legal framework means people don’t have a limit on the measures available.”
But at least one of the markets has not received any sort of extortion demand.
“No, nothing yet,” the Wall Street moderator said. Representatives for the other markets did not respond to questions.
Law-enforcement agencies, including the FBI, DEA, ICE, and various others overseas all aggressively investigate dark-web marketplaces, the dealers who use them, and the people who create and run the sites in the first place. Most recently, the FBI and European law enforcement closed two massive criminal networks, including AlphaBay, likely the largest ever marketplace of its kind.
The FBI declined to comment. A spokesperson for Europol told The Daily Beast the agency was not in a position to comment, and a spokesperson for the U.K.’s National Crime Agency said it neither confirms nor denies investigations.
Regardless, maybe those sourcing their drugs from the digital underground may be stumped Friday.
“We are trying to mitigate this at the moment,” the Wall Street moderator said.