tor_ddos bug
Images: Depositphotos

Amongst privacy enthusiasts, the Tor network is a popular means to browse the internet anonymously. However, time and again, vulnerabilities have been found in the Tor network that allow hackers to exploit it. A new study has revealed that a hacker or a nation-sponsored bad actor can degrade the performance of the Tor network for a few thousand dollars per month.

The research has been conducted by Georgetown University and the US Naval Research Laboratory to analyze the cost for slowing down the Tor network through different methods. As per the researchers, accomplishing an attack against the entire network is a costly affair, and it would take $7.2 million per month and massive DDoS resources (512.73 Gbit/s).

However, there are three types of bandwidth denial of service (DoS) attacks that can clog the Tor network. Thus, forcing users to abandon it owing to poor performance.

Attacking Tor Bridges Costs $17k Per Month

Instead of attacking individual Tor servers, bad actors can target Tor bridges. Tor bridges or Tor bridge relays are alternate entry points to the Tor network. These are not publically listed which makes them difficult to block.

Tor bridges are popular in countries where governments censorship bans the use of the Tor network. However, not all the Tor bridges (38) are functional right now. Out of the total 38 bridges, only 12 are operational and it would cost roughly $17,000 per month to saturate traffic in these bridges.

In case all the bridges are functional, the cost rises to $31,000 per month. It is a meager sum if a nation-state wants to stop its citizens from accessing the Tor network altogether.

Attacking TorFlow Costs Just $2.8k Per Month

TorFlow is used to visualize the information about each Tor relay, and it’s also the network’s load balancing system. The system automatically monitors the inflow of traffic and directs it to different servers to stop servers from getting clogged.

If an attacker chooses to target TorFlow servers with constant DDoS attacks with the help of DDoS booter service, then it would cost just $2.8k per month. As per the researchers, such DDoS attacks reduce the download rate by 80%.

Attacking Tor Relay Costs Just $1.6k Per Month

The third means of attack to degrade the Tor network is attacking Tor relays. These are Tor servers that bounce traffic to keep your anonymity intact. For this type of attack, the researchers preferred exploiting vulnerabilities in the Tor protocol instead of using DDoS stressors.

By exploiting the flaws in the Tor protocol, attackers can increase the download time. This makes it ineffective for those who use the network for downloading files without revealing their IP address.

In their analysis, the researchers found that the download time can be increased by 47% by spending just $1.6k per month. The speed can be further degraded to 120% with the cost rising to $6.3k per month.

Tor network DDoS attack cost
Source: Jansen et al

Researchers say that these methods do not affect the Tor network entirely but are enough to discourage users from using it because of its poor performance. Moreover, the costs we have seen isn’t much if a nation-state wants to drive away citizens from the Tor network.

As far as the mitigations are concerned, the researchers have suggested some changes in the Tor protocol and also recommend to move away from load balancing approached relying on centralized scanning. But what makes it difficult to achieve is that financing will be required to make these changes.

Also Read: Google Reveals 1.5% Of Chrome Users’ Passwords Are Compromised