Tor weakness fears cause Agora dark market to temporarily close

Vulnerabilities in Tor Hidden Services protocol could be exploited by hackers, warns Agora

The dark web marketplace known as Agora has announced it is to temporarily close due to security fears concerning the Tor anonymity software that underpins the market.

Agora typically trades pharmaceuticals and chemicals of both a legal and illegal nature, as well as other similarly shady items. The market uses Bitcoins as currency.

In a PGP-signed message published today, Agora stated that "recent research had shed light on vulnerabilities in Tor Hidden Services protocol, which could help to de-anonymize server locations".

Agora notes that "most of the new and previously known methods do require substantial resources to be executed" in order to successfully jeopardise anonymity but that the research suggests that the level of the resources actually required "could be much lower than expected".

Agora, in particular, believes that it has "interested parties who possess such resources". Whether these people are criminals intending to target other criminals, or the long arm of the law, Agora does not reveal.

A solution "is in the works", but will require "big changes" to Agora's software stack, and will take time to implement, the message continues.

Thus, there is no choice, explains Agora, but to take the market offline, clear outstanding orders, and ask customers to stop sending any more Bitcoins to deposit addresses used on the market. "We do not guarantee the safety of any funds sent there," it warns.

In terms of daily transaction volume, Agora is the largest (known) dark market in the world.

Another major dark market, Silk Road, was taken down by the FBI in 2013, and its operator Ross Ubricht sentenced to life imprisonment earlier in 2015.

Despite the NSA's increasing attempts to crack Tor and pursue those who use it for illicit means, the US government continues to fund the project, being responsible for 80 per cent of its budget since 2012.