I Saw Your Data on the Dark Web

In September,
I wrote about credential stuffing,
the kind of attack
that depends on the collection of huge amounts of data
(lists of user/password pairs),
which usually are sold on the Dark Web.
what is the Dark Web?
How could we have access to it?
Perhaps many of us immediately associate the term Dark Web
with criminal activity.
But is that a place intended only for criminals?
If you don’t know what the Dark Web is
or want to learn more about it,
this post can give you useful information.

Definitions: Deep Web and Dark Web

Let’s start by mentioning what is known to everyone
reading this text:
the Clear Web.
even if you don’t know it by this name,
it is the part of the internet
that we handle daily
and that we can find as public content
in the usual search engines such as Google and Bing.
and to some people’s surprise,
it’s estimated that
more than 90% of the internet’s total content
is not part of the Clear Web but the Deep Web.
The latter includes all websites protected by a paywall
or requiring sign-in credentials.
Here we have file hosting spaces,
membership websites,
email accounts and corporate web pages
used temporarily to fill out forms,
just to mention a few examples.
Of course,
we also use some of these services almost every day.
This is not the case with the Dark Web,
to which some mistakenly allude
as if it were the same as the Deep Web.
the Dark Web is a tiny portion of the Deep Web
(less than 5% of the internet).

I’ve never used the Dark Web,
maybe you haven’t either,
but both of us may have already appeared there.
Let’s understand better what this dark side of the internet is.
According to the above,
with the Dark Web being part of the Deep Web,
you will not find its material on Google.
and as a distinctive feature,
you can only access it through a particular web browser,
such as Tor,
or Freenet.
you can get all these browsers for free.
the Dark Web is something intentionally hidden
but not inaccessible for any of us.

Tor for the Dark Web

Perhaps the most popular browser used on the Dark Web
is The Onion Routing (Tor) project.
Tor started in the 1990s
at the US Naval Research Lab
with some of its members looking for “a way
to create
internet connections
that [didn’t] reveal who [was] talking to whom,
even to someone monitoring the network.”
In the beginning,
this project was designed and used
only to hide espionage communications,
but later ended up being open to any public
wishing to surf the internet
and share information anonymously.
Tor’s technology is able to route your website requests
through random paths of encrypted proxy servers worldwide,
making your IP address unidentifiable
and your activity unexposed.

Most Dark Web sites have the particular characteristic
that they don’t end in .com or similars
but .onion.
their URLs’ structures are often not easy to remember
(e.g., ‘grams7enufi7jmdl.onion’).
Through different layers of encryption
(i.e., onion routing technique),
they “remain anonymous,
meaning you won’t be able to find out who’s running them
or where they’re being hosted,”
according to Kaspersky’s team.

One problem is that
this environment is somewhat chaotic
and websites are slow.
Although some search engines have been created to facilitate navigation,
they are still inaccurate,
and the experience remains complicated.
(Another option is the lists of URLs,
such as the Hidden Wiki.)
Still and all,
what can we find inside the Dark Web?

Photo by on K8

Photo by K8
on Unsplash

Dark Web’s content

Child pornography,
drugs, guns, hacked accounts,
credit card numbers, user names/passwords,
hacking software and services,
but also forums,
blogs and clubs with fun and constructive content.
All this and much more is what we can find today
on the Dark Web.

The privacy of this dark sector,
for instance,
has served as a shelter for activists and journalists
(and their readers)
in various countries
to maintain their communication
and avoid censorship or condemnation
by drastic governments.
Even Facebook,
a few years ago,
opened an onion address
for users interested in accessing the network
through the Tor protocol
in favor of their privacy.
On the other hand,
many individuals have been offering illicit products and services,
with transactions mainly in bitcoin,
while taking advantage of anonymity.

The act of browsing the Dark Web is not an illegal exercise
but can represent some risks.
These include
the constant flow of malware
that can affect unsuspecting users
and the offering of supposed services
that end up being merely scams.
While several myths seem to have been forged
about the content of this subset of the Deep Web
(e.g., there are rumors about sites broadcasting live torture and murder),
the atrocities that may appear there are still real.
As Joseph Cox said in 2015,
“if violent child pornography is not ‘dark’ enough for you,
perhaps no one can provide whatever it is you’re looking for.”

In response to this situation,
although it is something complex,
looking for weaknesses in systems and processes
that seem unbreakable,
law enforcement officials have managed to identify,
follow and arrest criminals of the Dark Web
on several occasions.
Such was precisely a relatively recent case
in which police in the UK arrested pedophile Richard Huckle
by secretly taking control of a website
focused on child abuse.
Another famous case is that of Ross Ulbricht,
who was captured by the FBI in 2013
for running a vast market for illegal drugs,
money laundering and other illicit activities
on the Dark Web,
called Silk Road.

Your information on the Dark Web

The Dark Web is an ideal site for malicious hackers,
including newcomers,
who can find lots of learning material
and even software ready to perform attacks.
When I said that
we could have already appeared on the Dark Web,
I was referring to the fact
that cybercriminals could have introduced
some of our sensitive information
after achieving a data breach.
Passwords, credit card numbers, physical addresses,
social security numbers and other personal data
circulate every day on the Dark Web.
All this information,
to which access is usually limited,
is often sold and useful to many other attackers
to commit theft or fraud.
After some time,
this data can even be leaked for free,
as the ShinyHunters group apparently did
in the middle of this year
by sharing more than 386 million user records
in a hacker forum.

Many companies and users may still be victims
of the theft of confidential data.
Sensitive information can continue to occupy spaces
on the Dark Web
if the necessary measures are not taken.
Apart from the fact
that it is essential to know
what we are facing daily
with countless amounts of data everywhere
and in the sights of criminals,
it becomes crucial to learn about appropriate cybersecurity practices.

At Fluid Attacks,
we can help you and your company against cyberattacks.
Click here to contact us.

*** This is a Security Bloggers Network syndicated blog from Fluid Attacks RSS Feed authored by Felipe Ruiz. Read the original post at: