Middle Earth Bitcoin Black Market Endangering Users

For any unknown terms or phrases, please look at our “dark net market” terminology guide.

The black Tor market “Middle Earth” has begun requiring all users to enable JavaScript to access the site, which is known for easy drug purchase using Bitcoin. The site, which claims the JavaScript is used to mitigate DoS attacks, was recently exploited to possibly expose it’s location.

JavaScript over the Tor network may be used to de-anonymize users, which is a constant concern for users of any illicit “dark net” site. Due to the dangers of JavaScript, the Tor Browser disables all JavaScript by default through NoScript. In September of 2013, the FBI used Javascript to de-anonymize Freedom Hosting users.

According to Reddit user “me_js,” the site is using the SlowAES Javascript library to provide an individual “CAPTCHA” to users. While speaking on the code’s potential uses, “me_js” said,

“Can it be used to handle [DDoS]? No. [DoS]? Yes. But it is taking away all your anonymity, you are not 127.0.0.1 anymore, instead you are 127.0.0.1 plus your unique encrypted string. So it can also be used to track you.

If it is a [legitimate] case, it is actually a simple flood [DoS] attack [because] it is the only kind of attack that Java Script can protect. Otherwise it is [Law Enforcement].”

Even if Middle Earth’s JavaScript is not being used for malicious purposes, “dark net” users should never get in the habit of allowing JavaScript while visiting hidden services.