What is the dark web and how does it work in 2024? The dark web is part of the internet that exists beyond the reach of conventional search engines. While it has gained notoriety for illicit activities, the dark web also serves legitimate purposes for those seeking privacy and anonymity online. Whether for criminal purposes or privacy, usage of the dark web is increasing. In April of 2023 there were about 2.7 million daily visitors to the dark web, and research shows that 56.8% of the content on the dark web is illegal in some way. So, let’s take a tour of some of the important things to know about the dark web.
Please note that the dark web is NOT safe, and you can get malware just by visiting some sites on the dark web. We recommend that you do NOT use the dark web unless you are in a sandboxed environment.
Uses of the Dark Web
Before we dive into how the dark web works, let’s look at WHY people use the dark web. It’s not always for illegal activities. The anonymity of the dark web attracts both legitimate and criminal users. Some legal uses include:
However, the dark web is also known for hosting illegal marketplaces and services such as:
Now, let’s address the “how it works” portion of the question.
The dark web functions by using a technology called onion routing to obscure the source and destination of internet traffic. You travel a “circuit,” which is a path through the network that consists of a:
1. Guard node: Node “A” below is the entrance computer that is a trusted source and must be authorized.
2. Middle node: Node “B” below is a node that can’t talk directly to the source or destination.
3. Exit node: Node “C” is the last stop before your destination.
This process makes it extremely difficult to trace the original user or their location. The encryption and routing provide anonymity for both visitors and website operators on the dark web. For more information on how encryption works, watch our video on the difference between public and private key encryption.
Accessing the Dark Web
As we mentioned earlier, you need special software like the Tor browser to access the dark web. But how do you know where to go when the dark web does not have reliable search engines? Because dark web sites can go live and offline very quickly, you need a regularly updated guide. You can connect to the dark web by using a clear web (regular internet site) like Tor.taxi that provides a list of current popular sites (you would then access the site in the Tor browser) and can alert you to active scams. Here’s a screen shot of Tor.taxi:
You will also want to consider navigation advice from sites like Dread, which is a dark web forum like Reddit that features news and discussions around darknet markets. As you can see in the screenshot below, it offers a wide array of topics, and a forum with links to current dark web marketplaces.
Image 3: Screenshot of Dread dark web forum.
Once you have accessed a market, you will find ads for everything from guns to stolen credentials and data. Here is an example of a listing for a full stolen profile:
Image 4: Dark web marketplace listing selling full information profile.
You can also see how inexpensive it is to buy malware and hacking tools on the dark web. In the image below, you can see that a criminal can acquire an untraceable information harvesting program for only $10.
Image 5: Dark web marketplace listing for an information harvester.
Here’s another ad for a Remote Access Trojan malware program for only $45.
How do criminals buy with confidence? Much like on the clear web marketplaces, most dark web marketplaces have seller ratings and reviews to help them select reliable vendors with high-quality (if illegal) products.
The Rise of Evil AI
What is the biggest change in the dark web? Just like the clear web, it’s the arrival of generative AI. Dark web AI platforms are making it easier for criminals to plan and launch cyberattacks. Just like you have ChatGPT for the clear web, for $100 you can get a membership to an evil AI, with no guardrails, that can write malware, ransomware, high-quality phishing emails, and more. It will also give you detailed instructions and advice on how to plan and execute these criminal attacks. Check out the screenshot below for an example of the WormGPT on the dark web.
Image 7: The evil AI WormGPT.
How to Avoid Being a Listing on Dark Web Ransomware and Extortion Sites
To avoid becoming a target of cyber threats originating from the dark web, it’s essential to take proactive security measures. While the dark web is often a planning ground for cybercriminals before an attack and a marketplace for your stolen data, the actual attacks occur on your infrastructure. Therefore, focusing on protecting your organization’s environment is crucial. The top strategies include:
The Future of the Dark Web
As technology evolves, so too will the dark web. Law enforcement is becoming more adept at infiltrating criminal networks, while privacy advocates push for stronger protections. Some key trends to watch include:
The Dark Web in Context
It's important to understand that the dark web makes up only a tiny fraction of the internet. While it does enable some criminal activity, it also plays a vital role in protecting privacy and free speech online. As with any technology, the impact of the dark web ultimately depends on how it is used. Remember, accessing the dark web is NOT safe. If you choose to access it, you should do so from a sandboxed computer with strong security controls.
We hope you found this information on how the dark web works helpful. If your organization needs help with proactive security such as technical testing, advisory and compliance services, cybersecurity solutions, and training, please contact us. We’re ready to help!
This blog is distributed with the permission of LMG Security.
ABOUT LMG SECURITY
LMG Security is a full-service cybersecurity firm, providing one stop shopping for a wide array of cybersecurity services. Whether you need virtual CISO or regulatory compliance consulting services, testing, solution integration, training or one of our many other services – our expert team has you covered. Our team of recognized cybersecurity experts have been covered on the Today Show and NBC News, as well as quoted in the New York Times, Wall Street Journal, and many other publications. In addition to online cybersecurity training, LMG Security provides world-class cybersecurity services to a diverse client base located around the United States and internationally.