Tag Archives: Tor

Dark Web’s Largest Market, Agora Marketplace, To Pause Operations

BREAKING NEWS: The admin at Agora Marketplace will be taking the site offline temporarily to upgrade security. They are advising all users withdraw their bitcoins in the meantime. Most other markets would just run off with your bitcoins but Agora just proved again that they are thinking of the people. In the meantime, AlphaBay Market and Silk Road 3 are the best options to check out.

>>> Click here to find the AlphaBay Market Guide. <<<
 
>>> Click here to find the Silk Road 3 Guide. <<<

Recently, Agora Marketplace announced through its admin that there would be a pause in operations so as to address major security threats facing the site. This process will ensue only after notifying account holders of the intended temporary shutdown, so that they can make necessary transactions before it becomes too late. The owners have released a signature appended message explaining the situation, and verifying that this is not an “exit scam” as they would soon be back.agora

According to Agora Marketplace owners, a just concluded research shows that there are certain vulnerabilities in their Tor network which could help criminals de-anonymize server locations. While there are already known methods on how to deal with this breach, most of them require substantial amounts of resources which can easily be reduced by adopting new security strategies.

A solution is being concocted but may require immense changes in the existing software stack, which fortunately will prevent unauthorized personnel from accessing Agora Marketplace accounts. But the process shall require considerable amounts of time before coming to fruition. Additionally, suspicious activity has been reported around the servers indicating that indeed attacks could be happening as we speak. Due to this unfolding, the web location has been moved temporarily awaiting major improvements later on.agora-up
Agora Marketplace administrators say that though a solution in not yet on the offing, it would still be dangerous to keep users online since this can jeopardize their security. Hence, there’s no other thing that can be done other than taking down the site till a much better solution is found. This is an honorable course of action for everyone’s safety, including site owners themselves.

In the meantime, Agora Marketplace has promised to try its best in clearing out all outstanding payment orders so as to prevent inconveniences. Anyone who has a cash balance on their account should withdraw it immediately, since the site won’t be held accountable when they go offline given the prior warning which has been issued.

Nevertheless, during this time users may experience delays in payouts since many people are likely to withdraw money at the same instance. Agora Marketplace intends to resolve such issues, but also advices users that they should only use destination bitcoin addresses which don’t expire when sending finances out from the site. Considering that some payments might get delayed.

As a precaution, when the website is offline avoid sending bitcoin to any deposit addresses on Agora. The safety of funds sent henceforth isn’t guaranteed since there would be no one to track it. As for vendors, they should abort any orders that have not been sent or processed yet. These measures are being proposed so that no one can take this as an opportunity to start scamming people wildly.

Despite the changes, Agora Marketplace has still committed to keep intact all user data including the history and profile information of specific accounts. Similarly, since their PGP key is nearing expiry date, they have launched a new PGP code which can be used to verify authenticity of admin messages in the future.

 

JavaScript Exploit Via Agora Market’s Private Message

>> Click here to see the Agora Marketplace guide and Agora URL <<

A number of users of the Agora Market, the online black market, have reported that they have received a message through their Private Messaging system on June 11. They said that the message had a malicious JavaScript exploit and it tried to drain off Bitcoins from their wallets.

According to the users, when they clicked on the link in the message an attempt was made to execute a malicious JavaScript code with the help of CSRF on Agora Market so as to steal users’ fund kept in Agora’s wallet. They also said that it also tried to change the PGP key and reset the PIN code.

The exploit works when a user has opened an active session with Agora Market. In addition, the user must enable JavaScript. Further, the user must be dumb enough to click on an unknown link with the JavaScript enabled. Users, especially vendors, should avoid doing any of these things.

On June 13, the site’s admin issued an update and said that they have received reports from users regarding the private messages they received with a link to an exploit which tried to hack their accounts. The online black market also said that they are in the process of working out a solution. Moreover, Agora Market requested users to turn off JavaScript at the time of accessing their website.

Agora Market came out with yet another update on June 15, saying that it is safer now to keep the JavaScript open on the Tor browser when accessing their website. However, their general recommendation is that users can turn off JavaScript whenever they want to do something sensitive on the Internet. Agora also said that their website does not make use of JavaScript for anything.

Though it is not clear from the latest update provided by Agora Market as to whether the CSRF problem has been completely sorted out, it is better that users disable JavaScript when browsing Agora website or any other site using Tor.

>> Click here to see the Agora Marketplace guide and Agora URL <<

Darknet Sites Targeted By The Denial-Of-Service Attack

>> Click here to see the Agora Marketplace guide and Agora URL <<

The world has recently become aware of an undergoing denial-of-service (Dos) attack against major darknet marketplaces such as the Agora Market. The attack exploits an existing loophole in Tor hidden services protocol. Drug markets and other Tor hidden sites have been targeted by the attack, which some consider the most serious attack yet to target Tor darknet sites.

Darknet Sites Targeted By The Denial-Of-Service Attack

The DoS attack consists of attackers creating several simultaneous connections to the same hidden service, which overwhelms the server’s CPU resources thus making it inaccessible to darknet site users. One of the sites attacked alongside Agora Market, a site called Middle Earth, had its server load increased to 100 percent, which effectively resulted in downtime and inability by users to access the site. The bug report related to the attack has been opened under the name “alberto” by Tor developers.

So far, the attack has been reproduced by a Tor developer. In fact, short-term solutions have been introduced to deal with the problem, but none have worked out. Long-term solutions have also been suggested; including proposals put forward by Tor hidden services co-founder Roger Dingledine in 2012.

Darknet Sites Targeted By The Denial-Of-Service Attack1Tor hidden site owners began complaining of server having accessibility issues towards the end of March. The problem was traced to large amounts of malicious traffic that slowed down or stopped user access to the sites’ servers altogether.

Agora Market, the largest darknet site at the moment after the closure of Silk Road and Evolution Marketplace, is one of the main Tor hidden sites targeted by this attack. Agora Market mainly deals in illegal drugs, although it also sells weapons and other illicit items. Since the attack, Tor hidden sites have been struggling to stay up. However, both Agora Market and Middle Earth are currently accessible.

>> Click here to see the Agora Marketplace guide and Agora URL <<

Is Tor Still Reliable?

>> Click here to see the Agora Marketplace guide and Agora URL <<

Is Tor Still Reliable1No matter what you use Tor network for, whether you simply want to browse the web anonymously or find something from hidden sites like the Agora Marketplace, generally it is a pretty useful piece of software. It can be used whenever and wherever you need it. For example, you can easily keep a copy of the Tor Browser (a Firefox browser pre-configured to relay traffic through the Tor network) in a USB flash drive and use it when you are accessing public Wi-Fi.

But is Tor still secure as most people would believe it to be? There are recent reports that the FBI and other related agencies have initiated an exhaustive crackdown on most darknet marketplaces (and the closing down of Silk Road 2.0 last year was a very prominent example), including the arrest of 17 people. This is just a small number, compared to the millions of people who use Tor everyday.

The thought of the government finally infiltrating Tor is not really that farfetched, considering that the whole project was initially developed by the US Navy.

The answer though is a bit comforting for most Tor users. Tor is still very much reliable in this day age. It is important to note that Tor, from its government-backed beginnings, is a fully open source project. This means that vulnerabilities can be easily patched up as soon as people spot them.

Is Tor Still Reliable

So, yes. You can still safely use Tor and access darknet sites like Agora Marketplace if you want to. Just make sure that you anonymize yourself as much as possible (use a VPN with Tor Browser, not give any identifying details, etc.) and practice safe browsing habits.

>> Click here to see the Agora Marketplace guide and Agora URL <<

The Difference Between Tor And I2P

 Click here to see the Agora Marketplace guide and Agora URL

Tor and I2P (acronym for Invisible Internet Project) are anonymous proxy networks better known for their popularity among darknet sites such as the Agora Marketplace, although this online black market is one of the Tor hidden sites. Other than the fact that I2P is less popular than the Tor hidden network, it differs considerably from the latter.

I2P

Tor uses a centralized directory-based approach in its management of the network. The centralization also enables Tor to gather and report web usage statistics. On the other hand, I2P uses a distributed network approach, which makes it faster and less prone to attacks such as those commonly used by law enforcement to take down Silk Road 2.0 and a number of other darknet sites late last year whereby servers hosting Tor hidden sites were targeted in Operation Onymous.

I2P is designed and optimized for providing quality hidden services. Some aspects of Tor, however, are optimized for other benefits. For instance, Tor uses SOCKS, which was designed to offer great functionality. This is in contrast to I2P which relies on an API, a design feature meant to improve anonymity. This difference in design makes I2P sites better suited to thwart security threats than the Tor hidden network sites.

Generally, I2P is now considered more secure than the Tor network. However, darknet sites such as the Agora Marketplace continue to run on Tor hidden network, and yet continue to evade relentless efforts of the authorities to close them down. Tor leaves a longer and better trail because it uses long lived circuits. In contrast, I2P uses short lived tunnels, and that makes I2P sites harder to take down.

i2p-logo

Agora Marketplace is a Tor hidden site that deals in both legal and illegal products, especially illegal drugs and weapons. After the closure of Silk Road 2.0 last year, Agora Marketplace became one of the largest darknet sites, and its continued operation shows the robust privacy and security that the Tor hidden network service continues to provide to its users, even though I2P now generally offers better security.

 Click here to see the Agora Marketplace guide and Agora URL