Darknet (from the English DarkNet, also known as the “Shadow Network”) is a hidden network within which packets are transmitted in encrypted form. Thus, users within this network can communicate anonymously, since all traffic from the sender to the recipient is encrypted in several layers.
At the same time, there are a fairly large number of hidden networks, access to which is possible only after installing the appropriate software on the device. Examples are networks such as TOR, I2P, TON and Freenet. If you want to get more information about the Dark Web Scam List, then we recommend that you carefully read this article.
What is your Tor?
For a wide audience, the terms Tor, Deep Web, "darknet" and "nodes" sound exotic - if a non-specialist has heard of such things, then, as a rule, from crime reports or IT industry news. But over the past decade, the “deep Internet” has become a significant factor in public life: neither people who, for one reason or another, avoid contact with the state, nor the states themselves can ignore it. Therefore, darknet links should be treated with the utmost care.
Through the darknet, they kill, break through, leak, sell, extort and launder - that's what gets into the news. Less media attention is paid to people who use the dark web every day: human rights activists, the military, journalists, scientists - in general, two and a half million people for whom the security of data transmission is of fundamental importance.
While the main goal of Tor is to make access to ordinary services on the Internet anonymous, there is also a set of sites and services that are fundamentally inaccessible outside of Tor: when people talk about the dark web, they usually mean the so-called onion or hidden resources.
The key threat to user anonymity is the ability to completely decrypt traffic and read what and to whom the user writes. It is most convenient to do this “at the exit”, that is, on the way between the encrypted network and the site itself; hidden services avoid this scenario because the traffic is not completely decrypted and does not leave the Tor network at all, and the location of the final service is hidden from users.
Many hidden services claim to protect free speech and help people from different countries bypass blocking (for example, Facebook has a mirror in Tor). But there are also sites that use Tor for illegal activities: drug trafficking, arms trafficking and piracy.
How it works
Tor users access the Internet like everyone else, running an application (browser or messenger), but with a key difference: it has a built-in “onion routing” system - this is the name of the Tor network (The Onion Routing) literally stands for.
In short, routing is finding paths on the network, such as between a browser and the site it is trying to open. Data on the Internet rarely goes directly from the server to the user's device, usually it passes through many network nodes, and there are various technologies for finding the shortest route to navigate between them.
There are many ways to hide the contents of Internet traffic from prying eyes: if, say, opening incognito tabs in a browser is completely useless, then running a VPN already makes sense. True, if you buy services from a popular service, the security forces may ask him for information about the user. Those services that do not store customer data can be forced to do so or blocked.
"Onion routing" is designed to further complicate deanonymization on the network. Rethinking the principle of finding routes, Tor abandons the search for the shortest path from the server to the user and transmits data through several additional, randomly selected intermediate nodes. In this case, the data is encrypted many times, wrapping itself in layers, like an onion with a husk, and each intermediate node on the route decrypts one layer at a time, unfolding the onion and finding out the further path. Each node knows only its "neighbors" - where the data came from and where to transfer it further.
In the United States, the Silk Road case has become the most famous case against the darknet service. Founded in 2011, Silk Road was the first known market where cryptocurrencies could be used to buy drugs, forged documents, stolen bank cards or weapons.
The American FBI was able to close the site only two years later: a mistake in the site code, a built-in agent and a special operation in the library helped to deanonymize and achieve a life sentence for the creator of the site, Ross Ulbricht, where the capture of an open laptop connected to the Silk system was almost more important than the arrest of the suspect. It turned out that the exit node of the Tor network functioned in the hacker's apartment, that is, other users interacted with the "open" Internet from his IP address.
The users of the shadow network themselves can also easily fall for the hook of scammers. One of the well-known laboratories specializing in software security spoke about the basic security rules:
do not download unfamiliar files (it is much easier to catch malware on the dark web);
disable before using ActiveX and Java in all network settings (hackers know how easy it is to get your data using these services);
use an additional profile without administrator rights on the computer;
keep the darknet away from relatives and children.
Many people commit criminal and administrative violations on the darknet, for which they then have to bear responsibility. Including criminals. The list of darknet links 2022 continues to grow.
Origins of the dark web
So, in 2008, the Tor Project, a non-profit organization, released the Tor Browser, which allows you to connect directly to the Tor network. From now on, any user could simply install this online tutor and then communicate anonymously both on the Internet and on the Shadow Web.
However, that's not all. In 2009, a certain Satoshi Nakamoto developed the Bitcoin cryptocurrency protocol, then the software in which this protocol was implemented, as well as a virtual wallet, and then launched the Bitcoin network.
After that, in 2011, Ross William Ulbricht launched a marketplace on the Tor network called "Silk Road", which sold illegal goods. His USP was that on this site it was possible to purchase any product for bitcoins, providing its users with complete anonymity.
Well, now pay attention to the following logical chain:
For ordinary Internet users, in order to get into the dark web, it is enough to install the Tor browser on almost any device.
Thanks to BITCOIN, web programmers have the opportunity to create not only sites in the Tor network, but also online stores, as well as marketplaces.
All this gave incredible prospects for the development of the Darknet. In addition, due to the regular introduction of new amendments to the legislation, in various governments, in order to protect users from unwanted information, as well as to control them, the Darknet has grown to unprecedented proportions.
It is important that you understand the differences between the two from the start, due to the fact that each of these parts of the Internet hang out with users with completely different goals. However, you will learn more about this in more detail below.
Traditional segmentation of the Internet into 3 main levels
Before we delve into the topic, let's talk about the traditional segmentation of the Internet, because without it it will be difficult for you to fully understand what the darknet is. It's just that the term "Internet" is too common to describe all parts of its vast network.
Surface Web is the visible part of the Internet. That is, everything that can be found through search engines, as well as through social networks, instant messengers, etc. This part of the network is totally controlled by everyone and sundry. For example, intelligence agencies, providers, large corporations, marketers and web analysts.
Deep web (from the English Deep Web)
The Deep Web is the hidden part of the Internet that includes private social media profiles. networks, PERSONAL bank accounts, correspondence in instant messengers, documents in Google Docs, etc. That is, DarkNet also belongs to the Deep Web, but this is only a small part of what the Deep Web is.
The Dark Web is a shadowy part of the Internet where users can communicate anonymously, buy goods, and even start their own businesses. As a rule, there are a whole bunch of banned sites in the Shadow Network, for the slightest propaganda of which you can be held accountable.
As users of the ntc.party forum reported, "bridges" were also blocked. There are more sophisticated ways: addresses of less public "bridges" can be requested by special e-mail; such addresses remain available. Bridges use different technologies to hide the fact that Tor traffic is transmitted inside them, thereby bypassing user traffic analysis systems.
The systems work on the principle of "Deep Packet Inspection" (DPI) - the study of the characteristic features of user traffic, which makes it possible to distinguish one type of connection from another. For example, to distinguish encrypted Tor traffic from regular network access. This has already been done by the authorities of Iran and Kazakhstan, but in this case Tor has additional means to artificially distort the data flow, so isolating Tor traffic will be, if not impossible, then extremely resource-intensive.
The most popular hidden network is TOR because, unlike others, it is much easier to install on a device. In addition, Tor within its network allows each user to create an anonymous site in the .onion zone. However, these onion sites are not accessible outside of the Tor network.
Later, when the ARPANET became the Internet, Microsoft published the book The Dark Web and the Future of Content Distribution in 2002. After that, the Dark Web became quite wide.
A network without rules: what is the darknet and how it causes problems
Finished the daily calls from the "security services"? Perhaps your mobile has topped up one of the databases of numbers sold on the dark web. In August last year, for example, 50 million records of bank accounts leaked to the underground Internet - experts called the leak the second largest in recent years.
Not only full names, phone numbers and passport numbers, but also biometric data can fall into the hands of scammers through the darknet - some banks collect them from customers as a new way of protecting them.
Malware attacks; DDoS attacks. The ultimate goal of the event is to paralyze business life.
Hacking followed by obtaining remote access to corporate networks.
Instructions, videos and other aids for "young burglars".
Corporate accounts stolen.
Organization of phishing attacks.
Stolen customer bases.
Corporate and personal financial information.
Business intellectual property.
Based on the threats examined, the report highlights three areas of risk that a business may face.
First, it is reputational damage. The dark web contains a huge amount of information that will allow attackers or competitors to torpedo a company's image. For example, by organizing a "drain" of previously stolen personal data of customers or confidential commercial information.
The second is disrupting the business through phishing, DDoS attacks, or data encryption.
The third is fraud. This category includes both industrial espionage, the purpose of which is the theft of new technologies and developments, and smaller, but no less painful illegal operations. For example, the theft of funds from corporate accounts, which is most often carried out using social engineering methods.
How can companies protect themselves from the dangers of the dark web?
Companies that are already paying for access control, cyber-attack protection, and maintenance of mission-critical work systems should start keeping an eye on the dark web and black markets. In such markets, anyone, even not computer savvy, can order a network attack on your corporation.
And any employee using the Tor browser can put up important corporate data, codes and access keys for an anonymous auction. Never before has the barrier to entry into the criminal technology and digital opportunity market been so low. To get information about darknet sites list, you need to familiarize yourself with the general logic of its work.
Thankfully, thanks to the open yet anonymous nature of darknet black markets, it is now easier for companies to keep an eye on the digital criminal underground and respond to potential threats and leaks. Here are the key principles for dealing with dark web threats:
Use strong encryption methods for all sensitive information and keep them up to date. The encryption method you used yesterday can quickly become outdated, so make sure your IT department keeps your data secure.
Keep an eye on black markets and the dark web in general in order to detect a threat to your company in time. There are now a growing number of companies that specialize in detecting and resolving dark web issues or using dark web scanning as part of their cybersecurity services.
The main array of sites on the Darknet can be divided into two types: sites, uncensored forums, and online stores that most often sell illegal goods: drugs, weapons, child pornography, and cyber-espionage programs. With the development of bitcoins and cryptocurrencies, it has become easier for users to pay among themselves, since such transactions are anonymous. Illegal transactions have become easier and safer.
There is no copyright on the Dark Web, so films, books, software, and other copyrighted items are often distributed there without the consent of the copyright holder. Microsoft, for example, claims that the Dark Web has become a major obstacle to the emergence and development of DRM technologies that programmatically control or restrict actions with content.
In recent years, ransomware has gained particular popularity on the dark web. Despite the fact that such software has been known for a long time, today virus technologies and models of their distribution have advanced significantly. Ransomware-as-a-Service (RaaS) kits, which specialize in well-known criminal groups such as REvil and GandCrab, have gained particular popularity.
These groups develop their own sophisticated programs and distribute them through a network of affiliates on the dark web. The “partners” of the groups are directly involved in the attacks, and in the event of a successful campaign, they allocate from 20% to 30% of their income to malware developers. IBM estimates that REvil made $81 million last year.
In many countries, the main page of the international Tor project, a free browser for anonymous Internet access, is banned. Prior to this, the input nodes of the network were subjected to sudden blocking. Mediazona briefly explains what Tor is, how it is used, and whether it is possible to block the technology of bypassing locks at all.
There is also “garlic routing” (Garlic Routing) - to make it difficult to analyze traffic, single “teeth” of messages from different users are combined into one common “head”, so that network nodes do not even know which of the “teeth” is whose. This method is used in networks of another protocol - I2P.
The nodes in the Tor network are the devices of volunteers and activist organizations. There are three types of nodes in networks:
the entrance (guard) to which the user connects;
exit, which knows which site to connect to;
and intermediate (middle), which connects the input and output nodes, but knows nothing about the user or the site he is trying to open.
The provider then cannot read the transferred data because everything is sent as an onion of encryption levels.
At the same time, Tor does not guarantee complete anonymity: the network cannot do anything about what happens “on the periphery” - on the side of the provider or on the side of the end site. Users can still be identified by distinctive browser characteristics or online behavior: in 2013, a Harvard student screwed up by sending a bomb report over Tor to disrupt exams—but his computer was the only one on the exam. a university that was connected to Tor entry nodes.
The openness of the project, which activists are proud of, can also become its weak side: an ill-wisher can launch as many of his own nodes as he likes in order to identify users if their data passes through nodes controlled by him. Back in 2012, in a Tor Stinks presentation published by Edward Snowden, the American NSA complained that the agency did not have enough nodes on the network to trace connection chains. Later, rumors regularly surfaced that the NSA still controls a significant number of nodes on the network, but this has not yet been proven or denied.
Cybersecurity specialists have repeatedly discovered large groups of nodes belonging to the mysterious owner of KAX17. In October 2019, hundreds of his nodes were removed from the network, but he was able to restore the grid on powerful, expensive servers around the world. The probability of using the middle node from this group by a random user reached 35%.
The node owner actively participated in internal discussions on the Tor forums, but this did not save his network: at the end of November 2021, just before the start of Tor blocking in many countries, they were excluded from “onion routing”. Who they belonged to and whether they were used to deanonymize users is unknown.
2017. Invisible blow
The essence of the court session in December 2017 can be conveyed in one sentence from the judge’s decision: “As it follows from the case file, the prosecutor’s office checked the https website on the Internet, as a result of which it was found that the download of the anonymizer browser program was available on the indicated users of the site for subsequent visits to sites that contain materials included in the Federal List of Extremist Materials, including information posted on a site that hosts informational material.
The name of the material that aroused the interest of the prosecutor's office, as well as the address of the site to be blocked, were removed from the published text of the court decision. At the same time, the court decision for 2017 is mentioned in the register; it is also known that at that time the court, at the request of the prosecutor's office, decided to block websites selling fake driver's licenses, medical certificates, meters and offering services. Interest in Tor among Saratov prosecutors is also not unique: in the same 2017, the courts blocked various anonymizers.
2021. Fire at the nodes
On December 1, 2021, many Tor users started complaining about being unable to connect to the network. Within two days, blockages have become massive for users of major mobile providers, especially mobile operators.
“Dear users,” the largest domestic store selling banned substances addresses customers. “Since the beginning of December, our users may have problems logging into Tor due to network blocking by ISPs.”
Block monitoring service GlobalCheck has confirmed that the state has blocked access to a significant portion of the entrance nodes of the Tor network. The agency did not block the entire network, but it did prevent users from connecting to public entry nodes.
Similarly, access to Tor has been blocked in China for years. To bypass such blocking, there are "bridges" - nodes that do not themselves participate in the operation of Tor, but connect the user to an input node that the computer cannot find for some reason. The addresses of some "bridges" can be obtained from the Tor Browser or from the Tor Project website.
Doubts about the security of the Tor hidden network
The Tor hidden network is the most popular dark web in the world. It was developed by the US Naval Research Laboratory, and later the source code of the program was published on GitHub. In 2006, the non-profit organization Tor Project was created to develop and promote the Tor network.
But surprisingly, the main sponsors of Tor are the Department of Defense and the US State Department. That is, they understand that the Darknet is destroying society with drugs, but they still continue to sponsor this network.
Moreover, from November 5 to 6, 2014, the FBI, ICE and 16 other EU countries took part in the Onimus operation. During this time, they hacked 410 hidden services and 27 different sites, and also arrested 17 sellers and administrators who were engaged in illegal activities on the dark web.
Ross William Ulbricht and his popular "Silk Road" SQUARE also made it into the mix. But his site, like everyone else, was heavily protected, which only means that the secret services still managed to find a vulnerability in the Tor network.
Then many owners switched from Tor to I2P because it's faster and more secure than the Tor network. In addition, on the blog of almost the most secure OS - Whonix, a publication was published in which it was written that Tor is only suitable for private surfing and will not help if special services are looking for you.
However, the TOR network is NOT ONLY used for illegal activities, it can also be used for peaceful purposes. For example, to bypass all kinds of censorship or just for the sake of personal freedom on the Internet.
Purposes of using the Darknet in everyday life
For professionals whose work is associated with the risk of data loss, the Tor browser is a must. For example, when transmitting Important Information, journalists use this Internet teacher, because on the Surface Web the probability of his evasion is much higher than when transmitted over the Tor network.
In this regard, it is safe to say that the Tor browser is literally vital in certain professions. For this reason, let's look at the 3 main purposes of using the Dark Web in everyday life.
Perhaps for some, not always, but at certain times, it is necessary to secure sensitive data from someone, such as law enforcement or hackers. For example, Edward Snowden in 2013 had to hand over classified information to The Guardian and The Washington Post.
He did this using the world's most secure operating system, Tails Linux, and the Tor network. If he had transmitted this information through any messenger, then law enforcement agencies would have immediately intercepted it.
Sale of illegal goods and services
As I have already said, the blockchain system has greatly influenced the development of the darknet, because now it is possible not only to open platforms, but in general to create a separate economy, independent of any states. It even seems to me that this will happen if no one takes appropriate measures at all.
Pavel Durov managed to almost successfully implement this idea, but the US government forbade him to integrate TON and Gram into Telegram, because this could cause serious damage not only to the dollar currency, but also to individual states.
Freedom of speech and circumvention of censorship
You all know that the vast majority of the media deliberately hush up some news that could cause a reaction from the population. For example, in Belarus so much has happened, but there is not a word about it on TV in the news. Although, perhaps, the only exception is the Rain channel.
For this reason, journalists and some news outlets use hidden networks. Yes, and just ordinary people who want to speak out without fear that they will be asked for it in full.
Banned Sites and Easy Ways to Find Them on the Dark Web
As a rule, experienced users of the darknet have their own databases of sites, which they usually do not share with anyone. Posting them to Surface Web is dangerous, as it can block the web resource. Accordingly, I will not do this either, but I will tell you about some directories and search engines.
With their help, you can find banned darknet sites, as well as useful services, sites and forums. However, it is categorically not recommended to buy anything there, but no one forbids to look purely for the sake of interest.
Let's end this article
I hope we have explained what the Dark Web is, how to get there and how to use it in a simple enough way. By the way, we also forgot to mention that it is better to look for onion sites on the Tor shadow network, and not on the Surface Web, due to the fact that shadow sites are usually located there.
And do not forget to use all kinds of firewalls, foreign VPN / proxies in conjunction with Tor and other tools to ensure the security of the device. Well, unless you want to be deanonymized by hackers on the dark web.