What is the Dark Web?

Dark Web

Table of contents

  1. What is the surface web?
  2. What is web indexing?
  3. What is the deep web?
  4. What are darknets?
  5. Dark web definition
  6. What is on the dark web?
  7. Is the dark web safe?
  8. Who uses the dark web?
  9. How to access the dark web
  10. What is onion routing?
  11. What are the limitations to onion routing and Tor?
  12. Use UpGuard to prevent data leaks and breaches from ending up on the dark web

1. What is the surface web?

2. What is web indexing?

3. What is the deep web?

  1. Obscurity: The inability to be indexed by a search engine. This can be achieved by adding a robots.txt file preventing search engines from indexing the site and displaying it in SERPs (Search Engine Results Pages).
  2. Authentication: A requirement of login credentials to access the system or information. Whether or not the page is indexed, a visitor needs to log in to go deeper into the site than the login page.

4. What are darknets?

  • anoNet: Decentralized friend-to-friend network built using virtual private networks (VPNs) and software BGP routers.
  • Decentralized network 42: Decentralized peer-to-peer network built using VPNs and software/hardware BGP routers. It does not try to establish anonymity for participants and is used to explore routing technologies used on the Internet.
  • Freenet: Peer-to-peer platform for censorship-resistance communication. It uses a decentralized distributed data store to keep and deliver information and has a suite of free software for publishing and communicating without fear of censorship.
  • GNUnet: Software framework for decentralized, peer-to-peer networking that offers link encryption, peer discovery, resource allocation and communication over many transports (such as TCP, UDP, HTTP, HTTPS, WLAN and Bluetooth).
  • I2P (Invisible Internet Project): Anonymous network layer designed for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting user traffic and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high number of possible paths the traffic can transit, third-party surveillance is unlikely.
  • OneSwarm: Privacy-preserving peer-to-peer client design to protect user privacy when sharing data.
  • RetroShare: Free open-source peer-to-peer communication and file sharing app built on GNU Privacy Guard (GPG).
  • Riffle: Anonymity network develop at MIT as a response to issues with the Tor browser. It employs verifiable shuffle and is said to be ten times faster than onion-based networks like Tor.
  • Sydnie: Open-source software design to syndicate data over a variety of anonymous and non-anonymous computer networks. It can also reach archives situated in I2P, Tor and Freenet.
  • Tor (The Onion Router): Free open-source software for anonymous communication. Tor directs traffic through a worldwide volunteer overlay network that consists of more than seven thousand relays that conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis.
  • Tribler: Open-source decentralized BitTorrent client that allows anonymous peer-to-peer by default.
  • Zeronet: A decentralized web-like network of peer-to-peer users. Instead of having an IP address, sites are identified by a public key (specially a Bitcoin address). The private key allows the owner of the site to sign and publish changes which propagate through the network. ZeroNet also uses trackers from the BitTorrent network to negotiate connections between peers. It is not anonymous by default but supports routing traffic through Tor.

5. Dark web definition

6. What is on the dark web?

  • Stolen Information: Sensitive data like credit card numbers or online banking details, data breaches, data leaks, personally identifiable information (PII) like Social Security Numbers, or hacked Netflix, Spotify or PayPal accounts.
  • Drugs and stolen goods: Illegal and prescription drugs, counterfeit goods, counterfeit money, fake passports, fake degrees and stolen goods are sold for cryptocurrency on the dark web on sites like the Silk Road, the dark web’s Amazon, which was founded by Ross Ulbricht.
  • Disturbing content: Child pornography, hitmen for hire, gore, human traffic, body parts, poison, guns and other black market activity.
  • Bitcoin lottery tickets: Dark web gambling sites often sell tickets in bitcoin lotteries that may or may not be real.
  • Terrorism: There are real and fake sites used by ISIL, ISIS and other terrorist groups.
  • Hacking services:Many hackers sell their services either individually or as part of groups.

7. Is the dark web safe?

  • Remote administration tools:Websites on the dark web may try to install a remote administration tool (RAT) on your device that could lead webcam hijacking or controlling your computer.
  • Malware: Like the surface web, websites on the dark web may try to install malware or ransomware such as WannaCry on your computer. Just like on the surface web, never download anything from websites you don’t trust.
  • Hackers: The dark web attracts hackers due to its in-built anonymity, some of them are for hire while others may look to gain access to your device.
  • Phishing scams: Phishing via cloned websites and other scam sites are numerous with darknet marketplace clones (such as Silk Road clones) often advertised with fraudulent URLs to steal Bitcoin or other cryptocurrency.
  • Suspicious links: If you click on any link, you could be taken somewhere you don’t want to see, download a file or access something illegal.
  • Breaking the law: While the dark web attempts to be anonymous, there are still ways to be caught for illegal activity and you can be prosecuted. Any time you are in the company of illegal drugs or content you risk landing in legal trouble. An accidental click or simple curiosity might not be sufficient defense.
  • Criminal element: Just because something is for sale, doesn’t mean it will actually get sent to you. There are many dark web sites design to steal cryptocurrency from you rather than send you what you purchase.

8. Who uses the dark web?

9. How to access the dark web

10. What is Tor?

  • Visits to websites
  • Online posts
  • Instant messages
  • Other communication forms

11. What is onion routing?

12. What are the limitations to onion routing and Tor?

  • Autonomous system (AS) eavesdropping:If an AS exists on both path segments from a client to entry relay and from exit relay to destination, it is possible to statistically correlate traffic and potentially infer the destination of the user.
  • Exit node eavesdropping: Swedish security consultant Dan Egerstad intercepted usernames and passwords for emails by operating and monitoring Tor exit nodes. Tor cannot encrypt traffic between exit node and the target server, so any exit node is in a position to capture traffic passing through it if it does not use end-to-end encryption such as Secure Sockets Layer (SSL)or Transport Layer Security (TLS).
  • Passive target-analysis attack:Attacker extracts features from the traffic of a specific flow on one side of the network then looks for those same features on the other side of the network.
  • Active traffic-analysis attack:Attacker alters the timing of the packets of a flow according to a specific pattern and looks for that pattern on the other side of the network.
  • Tor exit node block: Operators of websites can prevent Tor traffic from accessing their site or offer reduced functionality to Tor users.
  • Bad apple attack: Exploits Tor’s design to take advantage of insecure application use to associate the simultaneous use of a secure application with the IP address of a Tor user.
  • Inspection of BitTorrent control messages: Tracker announces and handshakes may include a client IP address, revealing the Tor user.
  • Hijacking BitTorrent tracker response:Lack of encryption or authentication between tracker and peer can result in a man-in-the-middle attack that allows attackers to determine IP address.
  • Exploiting distributed hash tables (DHT): Distributed hash tables (DHT) through Tor are impossible so attacker is able to reveal a Tor user’s IP address by looking it up in the DHT.
  • Sniper attack: A DDoS attack designed to take down the majority of Tor exit nodes could result in an attacker degrading the network enough until it uses nodes controlled by the attacker.
  • Heartbleed bug: The Heartbleed OpenSSL bug disrupted the Tor network in April 2014 until private keys were renewed.
  • Relay early traffic confirmation attack: A group of relays can band together to try deanonymize Tor users and operators.
  • Mouse fingerprinting: Detecting mouse movements to fingerprint a website with both the Tor browser and regular browser.
  • Vulnerabilities: The NSA exploited a vulnerability in an outdated Firefox version at one time bundled with Tor to attempt to identify Tor users.

13. Use UpGuard to prevent data leaks and breaches from ending up on the dark web



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



https://www.upguard.com — UpGuard combines third-party security ratings, vendor questionnaires, and threat intelligence in a single cyber risk solution.