In case you’ve been experiencing Tor community connectivity and efficiency points these days, you are not the one one since many others have had issues with onion and i2p websites loading slower or not loading in any respect.

Tor Mission’s Government Director Isabela Dias Fernandes revealed on Tuesday {that a} wave of distributed denial-of-service (DDoS) assaults has been concentrating on the community since not less than July 2022.

“At some factors, the assaults impacted the community severely sufficient that customers couldn’t load pages or entry onion companies,” Fernandes mentioned on Tuesday.

“We’ve been working exhausting to mitigate the impacts and defend the community from these assaults. The strategies and targets of those assaults have modified over time and we’re adapting as these assaults proceed.”

Whereas the aim of those ongoing assaults or the id of the menace actor(s) behind them will not be but recognized, Fernandes mentioned the Tor group will maintain tweaking the community’s defenses to deal with this ongoing subject.

The Tor Community group may also be expanded to incorporate two new members specializing in .onion companies improvement.

“Within the curiosity of defending the Tor community and our international group, we selected to restrict public data on the character of these assaults for now,” Fernandes instructed BleepingComputer after we reached out for extra data on the DDoS assaults.

“To make clear, our companies haven’t been down, however every so often sluggish for some customers, and it is very important notice that the person expertise is affected by a wide range of components, together with what onion companies are getting used, or which relays get picked once they construct a circuit via Tor.”

DDoS assaults additionally hit the I2P community

Tor shouldn’t be the one nameless communications community at present focused by DDoS assaults. The I2P (brief for Invisible Web Mission) peer-to-peer community has additionally been coping with an enormous assault for the final three days.

Consequently, I2P customers may also expertise points as a consequence of some i2pd routers crashing with OOM (out of reminiscence) errors when hit by this Denial-of-Service assault.

“As you already know, the I2P community has been focused by a Denial-of-Service assault for the previous ~3 days. The attacker is flooding the community with malicious floodfill routers, that are responding incorrectly or in no way to different routers and feeding the community false data,” one of many I2P subreddit’s mods mentioned yesterday.

“This ends in efficiency and connectivity issues, as a result of the floodfills present peer data to the members within the community. The result’s a type of sybil assault which is used to trigger widespread denial of service.

“This assault has degraded the efficiency of the community nevertheless it stays intact and usable. Java I2P routers nonetheless seem like dealing with the problems higher than i2pd routers. Numerous mitigations ought to seem in dev builds of each Java and C++ routers within the subsequent week.”

Simply as in Tor’s case, the menace actors are utilizing a wide range of techniques as “the assault is beginning / stopping / altering a number of occasions a day,” as I2P’s venture supervisor and core dev lead mentioned in a Tuesday group assembly on IRC.