Tor network experiencing massive ongoing DDoS attacks


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Aug 17, 2014
In the past seven months, users of the Tor network may have experienced issues connecting to sites through the network. Issues may have included slow connections while connected to Tor, but also that sites did not load at all.

A blog post on the official Tor blog provides insights on the ongoing attack on Tor. According to it, Tor's network has been under DDoS, Distributed Denial of Service, attacks for the last seven months.

The organization notes that it has been "working hard to mitigate the impacts and defend the network from these attacks". It admits, however, that the attackers have changed the attacks and that Tor had to adapt to the changes.

What makes the situation more problematic is that there is uncertainty in regards to who is behind the attacks or what their intentions are.

As a response Tor added two new Network team members who will focus on the development of .onion services exclusively.


Level 1
Jan 27, 2023
I have been using Tor for general browsing. Recently, connecting to the Tor network has been slow for me. I'm happy to hear that Tor is working on the problem to get it resolved. However, according to the article, it says:

Tor users may want to make sure that the browser is up to date. The latest version at the time of writing is Tor Browser 11.5.8. It is available as an automatic update from within Tor Browser and as a standalone download for all supported operating systems, Windows, Mac, Linus and Android, from the official Project website.

The latest version I have of the Tor Browser is 12.0.2. I don't know if this is an error on the author's part or if this is an old article. Either way, on February 7th, 2023, Tor made an announcement on their blog discussing this issue:

Tor is slow right now. Here is what is happening.


Level 26
Top Poster
Aug 17, 2017
Tor, which stands for The Onion Router, weathered a massive distributed denial-of-service (DDoS) storm from June last year through to May. While that attack has subsided, DoS abuse remains a persistent problem, one that degrades the performance of the anti-censorship service and has left many worried about its security. The project remains a target for governments and a boon for those who want to communicate privately. Those using Tor may access .onion addresses via the Tor Browser, which is good but not perfect.

To thwart future debilitating DDoS attacks, Tor developers have been working on a defense first proposed in April 2020. It just arrived in Tor version and it relies on a mechanism developed in 1992 by Moni Naor and Cynthia Dwork as a defense against DoS and spam but made famous for energy profligacy by Bitcoin: proof-of-work. Essentially, clients trying to reach .onion services may be asked to complete small proof-of-work tests. If you're connecting as a legit user, you shouldn't notice anything. If you're trying to hammer the project's network of nodes with lots of repeated connections, the proof-of-work challenges may well hamper your attempts.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.