Blog

  • Why is the dark web so interesting to cyber criminals?

    For many people, cybercrime and the darknet are directly linked. But why do cybercriminals like to use the darknet so much?

    There is no such thing as “the dark web”. When people talk about “the dark web”, they often mean the Tor network. This is also the case in this article.

    History of the Tor network

    To understand why the Tor network is used by criminals today (among others), it is worth taking a look at the past.

    In 1995, David Goldschlag, Mike Reed and Paul Syverson were working on the first prototypes of “onion routing” at the U.S. Naval Research Lab (NRL). The basic idea has not changed to this day: The Internet should be accessible with as much privacy as possible and to achieve this, network traffic should be routed via several servers and encrypted between them.

    In the early 2000s, Roger Dingledine and Paul Syverson worked on an “Onion Routing” project at the NRL. To distinguish themselves from other research projects with the same goal, they called the project “TOR”, which at the time stood for “The Onion Routing”. Later, Nick Mathewson also joined the project.

    From the very beginning, it was necessary to find enough volunteers to operate a node for the Tor network. Since the release of the software, the code has therefore been available to everyone under a free software license.

    How the darknet became accessible to everyone

    In 2003, there were already around a dozen Tor nodes, most of them in the USA and one in Germany.

    A few years had to pass before the Tor browser was developed in 2008. This meant that the darknet was now also accessible to less tech-savvy people – all you had to do was download this browser and you were in.

    This meant that parts of the Internet were also accessible to people living in a country where the Internet is (at least temporarily) censored.

    Crime on the Darknet

    Unfortunately, increased anonymity also attracts criminals. Just as hardly any robbers today will go about their business unmasked, cyber criminals also try to disguise themselves. One place where this is possible, but which is still easily accessible, is the Tor network.

    The latter is important because the criminals actually want to be found (to a certain extent). If, for example, no one can find the leaked data from a ransomware incident, then the damage to the affected company is significantly lower and so is the willingness to pay the ransom.

    But the dark web has been “cracked”, hasn’t it?

    Even though we now know that law enforcement agencies have found ways to deanonymize Tor users with considerable technical effort and under certain conditions, the darknet remains interesting for cyber criminals. From the very beginning, the stated goal was to increase privacy, not to make users completely anonymous. Many professional cybercriminals did not come up with the idea of further protecting their identity only after this report.

    Today, a professional criminal is unlikely to connect directly to the Tor network via their home Internet connection if they are planning criminal activities there. Instead, they add further layers of obfuscation of their own, which makes deanonymization much more difficult.

  • What happens on the dark web? Is it relevant for cybersecurity?

    Cybercrime, drugs and stolen credit cards can be found on the dark web. However, we also hear time and again that there are legitimate uses for the darknet. What really happens on the dark web?

    Data leaks from ransomware incidents

    One of the biggest concerns for companies: Cyber criminals steal company data, encrypt the servers and threaten to publish the data. If the victim company does not pay the ransom, this actually happens. Dozens of “leak blogs” by ransomware actors can be found on the darknet.

    On the leak blogs, the companies attacked are usually listed in a kind of “hall of shame” with a company logo and brief description. If you are interested in the data as a consumer of these websites on the Darknet, all you have to do is click on “Read more” and you can download terabytes of company data. Of course, this is not legal, even as a consumer of this data (this is not legal advice).

    What data is leaked on the dark web?

    Any data that you deal with in your day-to-day business. For example, stolen copies of ID cards, e.g. from an application process, can be found on the leak blogs. Internal correspondence, invoices and construction plans are also frequently found there.

    Stolen credit card data

    Stolen credit card data is also still being offered for sale on the darknet. Due to the security measures (two-stage verification, e.g. via an app) taken by the credit institutions, these are a little less interesting today than they were a few years ago. Nevertheless, there are still websites on which goods can be ordered without these security measures. And depending on the type of credit card data offered, it is still possible to transfer it to a blank card and make purchases “offline” at the owner’s expense.

    Legitimate purposes

    There are countries in which access to the Internet is massively restricted and/or monitored. This makes access to information extremely difficult in some cases. International news portals are sometimes inaccessible in these countries. The Dark Web can help here.

    For example, the BBC website is also accessible on the Darknet (press release). The DW website (press release), the New York Times (press release) and The Guardian (press release) are also on the Darknet, along with a few others.

    The dark web is also an opportunity for journalists reporting from such countries to communicate with their colleagues from other countries.

  • Darknet – What is the Clearweb, Deepweb and Dark Web?

    Many people have heard of the “darknet”, but what exactly is it all about? Is it the dingy corner of the internet where only criminals hang out? In this article, you will learn the most important basics about the darknet and what you need to connect to it.

    Clearweb, deepweb, darknet and dark web

    In simple terms, the clearweb is the part of the internet that our parents can access. It is the part of the internet that can be accessed with standard hardware and software without any special access restrictions. This is where you can find news and streaming portals, webmail providers, forums and this blog, for example.

    The deep web is the part of the internet that cannot be found in the search engine index (e.g. Google, DuckDuckGo, etc.). This is where you can find underground hacking forums, for example, but also something like a university’s online repository, where users first have to register in order to access the latest scientific publications.

    Special access software is required to access the Darknet. Due to this additional hurdle, the term “hidden services” is often used. Sometimes the term “onion services” is also used in reference to the domain that can be found in the Tor network.

    Difference between darknet and Tor network

    According to the definition, there is not just one darknet. However, the most widespread today is the so-called “Tor network”. Tor, formerly written in capital letters TOR, originally stood for “The Onion Router”. In addition to the Tor network, which is managed by the “Tor Project”, there are also other ‘darknets’, such as the “Freenet Project”.

    Theoretically, you could also team up with your friends, program your own access software and you would have your own “darknet”.

    When people talk about “the darknet” in the media or colloquially, they are usually referring to the Tor network. This is the best-known and most widespread “hidden” network.

    Is there a difference between darknet and dark web?

    Darknet and dark web are actually different. The darknet refers to the entire network that can be accessed via the special access software. In addition to web browsing, this also includes other predominantly TCP-based services, such as SSH (Secure Shell), instant messaging or VNC.

    By using the Tor network, you can, for example, access devices in your home network (after prior configuration), even though you are located elsewhere in the world.

    Is the dark web illegal?

    Using the Tor network is not illegal as long as you are not doing anything illegal there.

    So if you just enjoy the additional anonymity and look at legal things on the darknet, you are acting completely legally.

    However, as soon as you do something illegal – and there is a lot of it there – it is of course just as punishable as on the Clearweb. Examples of illegal use are hate comments, ordering drugs and any form of cybercrime.

    How do I connect to the Tor network?

    Connecting to the darknet is surprisingly easy. Download the so-called “Tor Browser” from the official website (and only from there, please!). Search for the “Download” button on the official website torproject.org and download the Tor browser for your operating system (e.g. Windows or macOS).