1. Forum
  2. USENET
  3. alt.privacy

  • Onionflation attacks on Tor network

    From Anonymous Remailer (austria)@mixmaster@remailer.privacy.at to alt.cypherpunks, alt.privacy, alt.privacy.anon-server, comp.protocols.tcp-ip, si.comp.protocols.tcp-ip on Mon Mar 2 01:06:00 2026
    From Newsgroup: alt.privacy

    2600 - The Hacker Quarterly +
    Andrew Strutt
    +
    Admin
    +
    4h
    +
    A group of security researchers just developed a new family of attacks
    dubbed OnionFlation, that turn tors denial of service defense mechanism against its own users. This enables attackers to essentially bring down
    any onion service of their choosing. This class of attacks actually takes advantage of an asymmetry in onion routing, which reveals a persistent
    issue facing the tor network. As a result, these types of attacks are difficult to properly patch or defend against. I use my own Onion Service
    to demonstrate the principals of this attack in real time.

    https://www.usenix.org/conference/usenixsecurity25/presentation/lee

    https://www.facebook.com/groups/2600net/posts/4482651051957985/

    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Anonymous User@noreply@dirge.harmsk.com to alt.cypherpunks, alt.privacy, alt.privacy.anon-server, comp.protocols.tcp-ip, vmsnet.networks.tcp-ip.misc on Mon Mar 2 01:20:27 2026
    From Newsgroup: alt.privacy

    In <d9c3ed1b28af31a513b9effc29ad6e4f@dizum.com> Anonymous wrote:

    2600 - The Hacker Quarterly -+
    Andrew Strutt
    -+
    Admin
    -+
    4h
    -+
    A group of security researchers just developed a new family of attacks
    dubbed OnionFlation, that turn tors denial of service defense mechanism against its own users. This enables attackers to essentially bring down
    any onion service of their choosing. This class of attacks actually takes advantage of an asymmetry in onion routing, which reveals a persistent
    issue facing the tor network. As a result, these types of attacks are difficult to properly patch or defend against. I use my own Onion Service
    to demonstrate the principals of this attack in real time.

    https://www.usenix.org/conference/usenixsecurity25/presentation/lee

    https://www.facebook.com/groups/2600net/posts/4482651051957985/

    The government won't like that. They won't be able to spy on the dark web
    if it's inaccessible.
    --- Synchronet 3.21d-Linux NewsLink 1.2