Agora, a dark market website that uses the Tor network, has temporarily closed its doors amidst fears that a vulnerability can help attackers to identify server locations. The website claims it noticed "suspicious activity" around their servers, which urged them to shut down and move the server to another location out of safety precautions. Full details at ARS Technica.
"We have recently been discovering suspicious activity around our servers which led us to believe that some of the attacks described in the research could be going on and we decided to move servers once again," operators of Agora, a hidden service that markets everything from illicit drugs to unlicensed firearms, wrote in various online forums, including this post on Pastebin. "However, this is only a temporary solution."
The message said operators were working on a solution to block the attacks and planned to bring Agora back online once it was ready. In the meantime, they said, it would be unsafe to continue conducting business as usual.
Details about the attack technique were published last month but the move comes as a surprise as Tor Project officials downplayed the seriousness of the weakness and questioned the likelihood if it could be carried out in practice because the attack not only requires control over the Tor entry point for the server hosting the hidden service but also the collection of unique network characteristics data that can serve as a fingerprint for that particular service.