Login
Get a Demo
Become a Partner
SOCRadar® Cyber Intelligence Inc. | What Is the Dark Web All About?
Table Of Content
Home

Resources

Blog
Feb 01, 2021
8 Mins Read

What Is the Dark Web All About?

Since the 1970s, criminal activities have been coordinated via the internet. However, these early examples would have been rendered in person by way of closed networks and the direct transactions of money and commodities. The arrival of cryptocurrencies not only required trades to be done online but also simple without having to leave a money trail. As such, the online sale of illicit goods has become increasingly popular and large dark web markets have been established. Based on the statistics;

  • Over the past three years, the Dark Web traffic has risen by 300%.
  • About two million active users log in daily via the TOR browser to the Dark Web.
  • In 2019, Bitcoin’s cumulative valuation transactions on the dark web increased 65%.
  • By 2021, every 11 seconds a ransomware attack will take place.

Surface Web vs Deep Web vs Dark Web

Surface Web: The Surface Web is the part of the global web that is freely accessible to the general public that can be accessed using regular Web search engines; it is also called the Visible Web, the Indexed Web, the Indexable Web, or Lightnet.

Deep Web: The deep web, the intangible web, or the hidden web are part of the World Wide Web, which has no regular search engine indexing content.

Dark Web: The dark web is the World Wide Web material that overlay networks that use the Internet but need some applications, settings, or access authorization.

What kind of information can be found on the dark web?

There are many forms of information that can damage organizations that can be easily obtained on the Dark Web including;

  • Stolen Credit Card Data,
  • Medical Records,
  • Research Data especially on COVID-19, 
  • Financial Records,
  • Proprietary Manufacturing Information, Trade Secrets,  Formulas,
  • Blueprints and Security Plans,
  • Intelligence Reports,
  • Government Secrets, etc.
Figure 1 – Average price of stolen credentials on dark web marketplaces as of February 2019 (in U.S. dollars)

Why is the dark web not indexed?

There are a couple of reasons why the Dark Web is not indexed.

  • It’s very disjointed. Very few sites link to each other, limiting crawlers’ ability to find new sites and new pages. It’s like the open internet from the 90s.
  • It uses its own protocol, so without portal/gateway sites, they would be unable to connect. Try connecting to a “.onion” domain in a normal browser. You’ll see it won’t even resolve.
  • There are not that many hidden services out there. The myth that it is “vast” is ill-founded, based on a misunderstanding of the terminology. In reality, it is really quite small.
  • Some sites are blocked by portal/gateway sites for legal reasons, so they can only be accessed using the Tor protocol. As search engine crawlers don’t use this, they can’t access the sites.

What are the most common reasons for users to access the dark web?

According to Statista the most common reason to use the Dark Web to be anonymous while the second reason is limitations due to geolocations.

Figure 2 – Most common reasons for users to access the dark web worldwide as of February 2019

What are the most popular dark web marketplaces?

The first of its kind sites were the Silk Road to merge the darknet with Bitcoin. In February 2011 Ross Ulbricht built Silk Road. The Silk Road has set the benchmark for darknet markets over the next two years. The platform traded nearly $183 million in products and services by the time it was shut down in October 2013 and Ross Ulbricht was arrested.

1. ToRReZ

Account registration is required on ToRReZ Market. A mnemonic phrase is displayed for users right after registration. mnemonic is the only way for a user to restore their password if they forget it, so it must be stored safely. Optional security settings for user accounts include PGP 2FA and TOTP (Time-Based One Time Password). While PGP 2FA is optional for buyer accounts, it is mandatory for vendor accounts.

ToRReZ Market is a wallet-less market; which means you only send funds when making an order. The market currently supports four cryptocurrencies: Bitcoin, Monero, Litecoin, and Zcash. Multisig is available for Bitcoin and Litecoin, as well as the Escrow system. Zcash and Monero only have Escrow systems.

Both physical goods such as drugs, and digital goods such as software and credit cards, are sold on ToRReZ Market.

2. Tor2door

Tor2door is a new established market in June 2020 where almost all goods are accessible. The platform is only a $150 bond available for buyers. More than 1000 goods and over 100 manufacturers are now on the website.

Tor2door states that its ultimate objectives are security and usability. This is the most easy market for inexperienced dark-net users.

3. Hydra

The Russian darknet platform is one of the major illegal dark web markets. It hosted $1 billion sales through its 5,000 shops between 2016 and 2019. The website was founded in 2015 to give sellers the opportunity to sell their items from their individual online stores.

In December 2019, the Hydra team announced several new projects. These included an ICO to fund an expansion into new markets, Eternos, a new DNM for Western users, and AspaNET, an alternative to TOR.

Hydra serves mainly as a market for narcotics, although other contrabands including counterfeit passports, stolen credit cards, and falsified currency are also available. While a wide variety of illegal goods and services are available on the web, there are also a few rules that could be a justification for their longevity and their success. These rules include no fentanyl, no weapons, no hitmen service, no sale of malware and porn.

4. Versus Project

The Versus project that was established in 2019 is a new marketplace for darknet. Buyers can acquire a variety of digital products and services, including illegal drugs, malware and software and fraud-related services. There are over 8,400 listings and 500 providers in the marketplace that accept Bitcoin for purchases and can communicate in English.

Versus Project is ahead of the privacy curve because it offers security for transfers made by Monero (XMR) that are anonymous compared with Bitcoin’s pseudonymous payments. In comparison, 2FA authentication for its platform communications, which is an advantage, is mandated.

5. White House Marketplace

White House Market (WHM) is an online darknet market that indulges in the sale of products across categories such as drugs, fraud, software and services. It accepts Monero (XMR) Cryptocurrency and supports the Escrow System.

There are actually 601 items in the overall catalog. The division of drugs has 478 lists and is the richest category of products. It also permits “Fentanyl,” which in virtually any other market in the industry is forbidden.

The products ‘Fraud-related’ are the second highest in the industry. It mainly consists of “financial” digital products. For example, the details of the passport, the bank login information, stolen credit data, etc.

Some features of WHM are;

Other features:

  • Fast customer service
  • Bug Bounty Program
  • English is the official language though limited support is offered in Spanish and French.
  • Mirrors available for both Tor and I2P.
  • No limits for withdrawal or deposits.
  • No fee for the buyers and only 5% for the vendors.
  • Acceptance of Monero as the only mode of payment.
  • Availability of 2 Factor Authentications.
  • Availability of vacation mode.
  • Partial refunds can be opted for in case of disputes.
  • PGP encrypted mirror list/market statement, canary with proof of freshness that is updated every 72 hours.
  • Configured PGP encrypted jabber / XMPP notifications for both buyers and vendors.
  • The market runs on the escrow system.

Should your organization monitor the dark web?

That’s for sure without a doubt. Monitoring the Dark Web, however, is not an easy job. But SOCRadar can help. With its Dark Web monitoring service, SOCRadar constantly monitors the Deep Web’s forums, channels, etc. for sensitive and personal data. Immediately and automatically generates alarms if there is something you need to know. Most talented real-human CTI analysts create reports and brief your organization about the breach to prevent possible cyber-attacks or minimize the damage.

Increase the reach and volume of hyper-relevant intelligence on your fingertips for your monitoring power. Gather actionable and real-time intelligence with SOCRadar.

Discover SOCRadar® Community Edition for free

With SOCRadar® Community Edition, you’ll be able to:

  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed

Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets.

References

Cover photo by Ales Nesetril on Unsplash

Related Articles
SOCRadar® Cyber Intelligence Inc. | Dark Web Monitoring with Open-Source Tools and Services
Dark Web Monitoring with Open-Source Tools and Services
Apr 17, 2024
SOCRadar® Cyber Intelligence Inc. | 0-Day Exploits for Outlook and Windows, AnyDesk Access Sale, LeadSquared and WeRize Database Leaks
0-Day Exploits for Outlook and Windows, AnyDesk Access Sale, LeadSquared and WeRize Database Leaks
Apr 15, 2024
SOCRadar® Cyber Intelligence Inc. | Top 10 Dark Web Markets
Top 10 Dark Web Markets
Apr 11, 2024
SOCRadar® Cyber Intelligence Inc. | How to Monitor Your Supply Chain’s Dark Web Activities?
How to Monitor Your Supply Chain’s Dark Web Activities?
Apr 10, 2024
SOCRadar® Cyber Intelligence Inc. | Latest Dark Web Sales: Exploits, 0-Days, Financial & Government Data Leaks, DarkVR Service
Latest Dark Web Sales: Exploits, 0-Days, Financial & Government Data Leaks, DarkVR Service
Apr 08, 2024