For a long time, Empire Market has been experiencing some problems with the site’s performance. Newly created links stop working after a couple of minutes. Because of this, market users are experiencing big problems trying to access their accounts.
Many have already heard that the Empire website is being attacked by competitors using ddos. But is it really so?
We conducted our investigation in order to establish the true cause of the falling links.
Reason why Empire Market urls are falling
Consider the version that Empire Market urls rivals attack ddos. The price of ddos services starts at 10$ per hour, but with the increasing complexity of site protection, the price will increase. Also, the price depends on the duration of the attack, the more hours you order, the less the next hour will cost.
So, we calculated the approximate cost of ddos Empire attacks, it’s 500$ per day. Recall that Empire Market has been subjected to ddos for more than six months, and the price of such an attack would have amounted to more than 100000$. And now the question is – is it profitable for competitors to spend such money on attacks of their competitor? We think not, especially ddos does not completely disable the site, but only forces administrators to create new domains. Then who is behind all this?
In the last issue, we interviewed one of the hackers who is engaged in hacking accounts by bruteforce passwords. He said that hackers are paying more and more attention to darknet markets, as for them it is a safe and secure place to hack. The most important thing that we learned from our conversation with him is that the Empire Market is also prone to such attacks, and not newcomers are engaged in it.
What does the hacking of accounts and ddos have in common? After all, these are completely different things, which are not interconnected. Apparently, the difference is not big.
What ddos is?
Such attacks are carried out with only one purpose, to overload the server with requests so that it crashes. Hackers infect a large number of computers with their botnet. You most likely will not even suspect that your computer is infected with such a virus, because he does not show himself in any way.
When a hacker wants to attack a site, he sends a command to all infected computers so that they begin to continuously send requests to the same site. The server on which the site is located simply can not withstand such a load, as a result it turns off.
BruteForce (password brute force)
For such attacks, the cracker must know at least the victim’s username. As we assume, hackers take logins from reviews that are left under the goods. We don’t really know how they get out the login database, this is just an assumption.
After the cracker has collected the login database, he moves it to his software. The program itself begins to select the desired password from its database. It’s not possible to sort through all possible passwords; this would take 100 years. But the password database is built in such a way that it contains only the easiest and most common passwords.
When the hacker program is running, it tries to log in to every account from the list by going through possible passwords. This means that thousands of authorization requests are sent to the Empire site at the same time, and according to the ddos attacks, the server does not withstand the load, and then it is disabled.
After reading the material, many may wonder. So my account can be hacked at any time? No, provided that your account will have a complex password. If the password does not contain any meaningful words, then you are not at risk.
Such attacks are aimed only at those users who do not follow network security rules, and there are a lot of such users.