this post was submitted on 23 Jun 2024
1 points (100.0% liked)

Monero

1662 readers
4 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 

Hey community, we are publishing this post to let users know beforehand that there are scammers running fake clones of our service. Do not access any website that claims to be us, but is not one of our main addresses.

Correct addresses:

  • trocador.app

  • trocadorfyhlu27aefre5u7zri66gudtzdyelymftvr4yjwcxhfaqsid.onion

Fake websites:

  • troccador, troccadoor, trocadoor (any other typo)

  • trocadupz35kdyzgqpadqor4jk7u4lmbo2(...).onion

Right now our services are suffering non-stop DDoS attacks for the last three weeks, and they are using ToR exit nodes to conduct such attack (both through clear net and onion). For this reason we had to turn off our Onion link, as we are working into pushing changes to mitigate the attack. There's a chance that these fake websites might be related to the attack, they might be trying to lure users into their fake clones, so it is important to Bookmark the correct website. Stay safe! Our team is small, but we are working into going back to normal.--

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 4 months ago* (last edited 4 months ago) (1 children)

suffering non-stop DDoS attacks for the last three weeks, and they are using ToR exit nodes to conduct such attack

This doesn't add up:

  1. Exit nodes are not involved in onion site visits. Exit nodes are only involved in connections from Tor to the clearnet.
  2. The tor network itself does not have a particularly massive amount of exit node bandwidth, and anybody trying to use a large fraction of that will attract the attention of the tor developers. I have a very hard time believing that the bits per second you can push through tor exits result in a bandwidth bill that a popular exchange (like yours!) has any difficulty affording.

Blink twice if you've been threatened by a three-letter agency.

Good luck,

[–] [email protected] 0 points 4 months ago* (last edited 4 months ago)

Regarding 1, the attack has been going on for weeks, and now the attacker shifted to using mostly ToR exit nodes on the clearnet, so some users reported that it is not always that they can access the website when using exit nodes, sometimes they get blocked because of the rate limiting that is in place to fight off the DDoS. But we can see the attack on localhost as well (actually spamming on localhost), which indicates the attacker is also using onion connections to attack us. This is a fact. Some people from the community suggested we implemented some solutions on onion, and we are going to look into it this week.

Regarding 2, that's exactly what is happening, as other services are also being affected see https://status.torproject.org/; As we said, we are a small team and we are working into solving all issues this week. We've been providing the community with good services for quite a while, and we hope to normalize the situation once we improve our defenses.

Network Performance Issues v3 Onion Services "We’ve been experiencing an unusually high load on the Tor network during the last couple of weeks, which impacts the performance of onion services and non-onion services traffic. We are currently investigating potential mitigations."