The dark web, what is it? Where to look and how to get there

Accessing the dark web requires using an anonymizing browser called Tor; it is a portion of the internet invisible to search engines.

Define dark web

The dark web is a portion of the internet not search engine indexed. You have definitely heard of the “dark web” as a hive of criminal activity, and it is. Over a five-week period in 2015, researchers Daniel Moore and Thomas Rid of King’s College in London categorized the contents of 2,723 live dark web sites and discovered that 57% of them host illegal materials. 

According to a study by Dr. Michael McGuires of the University of Surrey, things have gotten worse online. From 2016 to 2019, the count of dark web listings posing a threat to a business has increased by 20%. Of all the listings, except those for drug sales, 60% might possibly hurt businesses.

On the dark web, what are the purchase options?

Credit card details, all kinds of drugs, firearms, fake money, stolen membership passwords, hacked Netflix accounts and malware enabling access to other people’s computers. Get login credentials for a $50,000 Bank of America account, fake $20 bills, prepaid debit cards, or a “lifetime” Netflix premium account. You may pay hackers to attack systems on your behalf. Usernames and passwords are yours to purchase.

Not everything is unlawful; the dark web serves a good purpose as well. You might, for instance, join a chess club or BlackBook, a social network labeled as “the Facebook of Tor.”

Note: Links to dark web sites included in this post can only be accessed with the Tor browser; download this free at https://www.torproject.org.

For what purpose does one use the dark web?

Regular dark web monitoring by Patrick Tiquet, Director of Security & Architecture at Keeper Security and the company’s resident subject-matter expert, helps him to stay current with events in the hacker underground. “I monitor current events; the dark web provides threat analysis and situational awareness,” he said. “I want to know what information is available and have an external lens onto the digital assets being monetized; this gives us insight on what hackers are targeting.”

Many technologies also allow one to monitor the dark web, search for personally identifying data, and even respond to attacks.

Should you discover personal information on the dark web, there is not much you can do about it; at least, you will know you have been hacked. Basically, it’s worth visiting the dark web if you can accept the poor performance, erratic availability, and occasional shock element. Just avoid making purchases from there.

What is the difference between the deep web and the dark web?

Though occasionally used synonymously, the words “deep web” and “dark web” are not the same. The deep web is everything on the internet not indexed by and hence available via a search engine such as Google. Deep web stuff calls for sign-in credentials or anything behind a paywall. It also covers any materials its owners have banned web crawlers from indexing.

The deep web consists in part of medical records, fee-based materials, membership websites, and private business web pages. The size of the deep web is estimated to lie between 96% and 99% of the internet. Usually referred to as the “clear web,” a typical web browser only allows a small fraction of the internet available.

Considered a subset of the deep web, the dark web is purposefully concealed and requires a certain browser, Tor, to access, as described below. Though most estimates place the dark web’s size at roughly 5% of the total internet, no one actually know. Once more, despite its sinister-sounding name, not all the dark web is used for illegal activity.

Dark web tools and services 

The Into the Web of Profit study found twelve groups of tools or services that might cause a network breach or data compromise, therefore posing a risk:

• Attacks or infections, including malware, distributed denial of service (DDoS), and botnets
• Access keyloggers, exploits, remote access Trojans (RATs),
• Espionage encompassing services, customizing, and targeting
• Support services, including guides
• Accreditation
• Phishing
• Customer information; operational; financial; intellectual property/trade secrets
• Other new hazards

The paper also detailed three risk factors for every category:

•  Devaluing the company, compromising brand confidence, reputation damage, or ground lost to a rival company
• Upsetting the company, maybe with DDoS assaults or other malware influencing corporate activities
• Defrauding the company could involve IP theft or espionage compromising its capacity to compete or directly resulting in financial loss.

Dark web vendors of ransomware-as-a-service (RaaS) kits have been there for some years, but with the emergence of specialist criminal gangs like REvil or GandCrab, those offers have grown significantly more deadly. These gangs create their own advanced malware, occasionally mixed with pre-existing tools, and then “affiliates” them. 

The associates post the ransomware packages on the dark web. Usually including data theft from victims and threatening to post it on the dark web should the ransom not be paid. 

This company model is profitable and successful. For instance, according to IBM Security X-Force, REvil accounted for 29% of its ransomware interactions in 2020. Usually between 20% and 30%, the criminal gangs creating the malware get a part of the affiliated profits. IBM believes that REvil made $81 million in profits last year.

Dark internet browser

All this activity, this picture of a busy market, could lead you to believe that using the dark web is simple. It isn’t. The area is as disorganized and chaotic as one would expect from everyone being anonymous, and a sizable proportion are out to con others. 

Getting on the dark web calls for Tor, an anonymizing browser. The Tor browser renders your IP address unidentified and untraceable by routing your web page searches through a network of proxy servers run by hundreds of volunteers worldwide. Tor is like sorcery; the outcome is an experience akin to the dark web itself: erratic, untrustworthy, and maddeningly sluggish.

Still, the dark web offers a fascinating window into the seedy underside of the human experience for those ready to tolerate the discomfort without running across skulking about in a dark alley. 

Search engine on the dark side

While dark web search engines exist, even the best are challenged to keep up with the often changing terrain. The experience reminds one of late 1990s internet searching. Even one of the strongest search engines, Grams, generates repetitious results usually unrelated to the query. Another choice is link lists such as The Hidden Wiki, although even indices also provide an annoying frequency of timed-out connections and404 faults.

Websites found on the dark side

Though they look almost exactly like any other website, dark web sites differ greatly. One is the framework of naming. Dark web sites finish in.onion rather than.com or.co. Wikipedia states, “a special-use top-level domain suffix designating an anonymous hidden service reachable via the Tor network.”  While some browsers cannot access these websites, others with the suitable proxy can.

Dark web sites also use a disorganized naming system to generate often difficult-to-remember URLs. One well-known commerce website, Dream Market, for instance, has the incomprehensible address “eajwlvm3z2lcca76.onion.”

Scammers, who are always on the run to evade the wrath of their victims, establish several dark websites online. If the proprietors choose to cash in and run with the escrow money they are keeping on behalf of clients, even businesses that could have existed for a year or more can suddenly vanish.

Finding and punishing proprietors of websites that offer illegal products and services is becoming easier for law enforcement authorities as they shudder over the network when a team of cyber detectives from three nations effectively shuts down AlphaBay, the main supplier of contraband on the dark web in the summer of 2017. Many stores, though, just moved elsewhere.

Said Keeper’s Tiquet, the Tor network’s anonymous character, also makes it particularly susceptible to DDoS attacks. “Sites are always changing addresses to avoid DDoS, which makes for a very dynamic environment,” he said. Consequently, “a lot of material is outdated and search quality varies greatly.”

For auction on the dark web

Thanks to bitcoin, the cryptocurrency that lets two people engage in a trustworthy transaction without knowing each other’s identities, the dark web has blossomed. Tiquet says, “Bitcoin has been a huge influence in the rise of the dark web; the dark web has been a big factor in the growth of bitcoin.”

Though almost all dark web commerce sites use bitcoin or some other kind of currency, this does not make business there safe. The place’s intrinsic anonymity draws scammers and thieves; yet, what do you expect when you are purchasing narcotics or firearms?

Though there are some notable variations, dark web commerce sites offer the same elements as any e-retail business, including ratings and reviews, shopping carts and forums. One of them is quality control. Any rating system is problematic when both buyers and vendors are anonymous. Ratings are easily manipulated; even long-standing merchants have been known to vanish with their customers’ crypto coins just to open business under a different alias later.

Most e-commerce companies provide some sort of escrow service, which holds consumer money on reserve until the item is delivered. But in the case of a conflict, do not expect smiling service. Duke it out essentially falls to the buyer and the seller. Every message is encrypted hence even the most basic transaction calls for a PGP key.

Not even finishing a purchase guarantees the items will show up. Many people must cross national boundaries, and customs agents are searching dubious shipments. Deep.Dot.Web, a dark web news site, swarms with tales of buyers who have been caught or imprisoned for attempted transactions.

Like in the real world, the cost you pay for stolen data varies with market conditions. These are the most recent rates for some of the data and services routinely exchanged over the dark web based on the Dark Web Price Index 2021 from Privacy Affair:

•  Credit card cloned with PIN: $25 to $35
•  Credit card information with an account balance of up to $5,000:  $240
•  Online banking logins taken with at least $2,000 in the account stolen:  $120
•  PayPal moves $50 to $340 from compromised accounts.
•  Hacked Coinbase validated account:  $610
•  Social media hacked account: $1 to $60
•  Hacked Gmail account: $80
•  Hacked eBay account with decent standing: $1,000

Is the dark web against the law?

We want you not to come away from the dark web feeling as though everything there is evil or criminal. Originally an anonymous communications route, the Tor network still has great value in enabling individuals to interact in settings hostile to free speech. “Many use it in nations where internet access is criminalized or where eavesdropping is practiced,” Tiquet said.

The dark web offers lots if you wish to learn all about privacy protection or cryptocurrencies. There are several encrypted and secret email providers, guidelines for installing an anonymous operating system, and smart advice for those who value their privacy.

Links to full-text copies of rare books, a guide to the steam tunnels under the Virginia Tech campus, and collections of political news from major websites, all of which you wouldn’t be surprised to find on the public web, also abound. Intel Exchange lets you privately debate current events. Whistleblower sites abound, including a dark web variant of Wikileaks. There is still The Pirate Bay, a BitTorrent website law enforcement authorities have often blocked. Even Facebook exists in the shadows.

 “More and more respectable online businesses are beginning to show up there,” Tiquet remarked. “It demonstrates their awareness, cutting-edge knowledge, and modern sensibilities.”

For some companies, there is also great practical worth. Law enforcement authorities closely monitor the dark web, searching for stolen data from past security lapses that could potentially trace the offenders. Many major media outlets track news-seeking whistleblower sites.

Originally written in January 2018, this post was later revised to include data on pricing paid for stolen data and details on ransomware as a service.