fbpx

New search engine Kilos is rapidly gaining traction on the dark web for its extensive index that allows users access to numerous dark web marketplaces.

A new search engine for the dark webKilos, has quickly become a favorite among cybercriminals and here’s why.

It all began when the dark web search engine, Grams, launched in April 2014. Grams was an instant hit, proving useful not only to researchers but cybercriminals too.

The search engine used custom APIs to scrape some of the most prominent cybercriminal markets at the time. These include AlphaBayDream Market, and Hansa.

In addition to helping searchers find an illicit product using simple search terms, Grams also provided Helix, a Bitcoin mixer service. That way, users can conveniently hide their transactions on the platform.

Yes, Grams was a revolutionary tool for cybercriminals on the dark web. But, it’s index was still relatively limited.

In a Wired interview, an administrator stated that the team behind Grams didn’t have the capabilities to crawl the whole darknet yet. So, they had to create an automated site submitter for publishers to submit their site and get listed on the search engine.

Despite Grams’ success, it would not remain for long. In 2017, the administrators shut down the search engine’s indexing ability and took the site down.

However, a new search engine would eventually rise to take Grams’ place two years later.

Kilos Became the Favorite Search Engine on the Dark Web

In November 2019, talks of a new dark web-based search engine called Kilos started making rounds on cybercriminal forums.

According to Digital Shadows, it’s uncertain whether Kilos has pivoted directly from Grams or if the same administrator is behind both projects. However, the initial similarities are uncanny.

For example, they both share a similar search engine-like aesthetics. Also, the naming convention remained the same, following the unit for weight or mass measurement.

Expectedly, Kilos pack more weight than Grams ever did.

Thanks to the new search engine, searchers can now perform more specific searches from a more extensive index. Kilos enable users to search across six of the top dark web marketplaces for vendors and listings.

These include CryptoniaSamsaraVersusCannaHomeCannazon, and Empire.

According to Digital Shadows, Kilos has already indexed 553,994 forum posts, 68,860 listings, 2,844 vendors, and 248,159 reviews from seven marketplace and six forums. That’s an unprecedented amount of dark web content.

What’s more, the dark web search engine appears to be improving, with the administrator introducing new updates and features. Some of these features include:

  • Direct communication between administrator and users
  • A new type of CAPTCHA to prevent automation
  • Advanced filtering system
  • Faster searches and a new advertising system
  • New Bitcoin mixer called Krumble

Kilos are gradually becoming the first stop for dark web users. From individuals looking to purchase illicit products to those searching for specific vendors, tons of users now depend on the search engine.

This could further increase the amount of data that’s available to security researchers as well as threat actors.

[Source: This article was published in edgy.app By Sumbo Bello - Uploaded by the Association Member: Jennifer Levin]

Categorized in Search Engine

Silk Road was an internet black market and the first modern-day darknet market. It was founded by Ross William Ulbricht (also known as Dread Pirate Roberts) born in Texas, the U.S. who had a different ideology.

He believed everyone should have the right to buy, sell whatever they want as long as they did not harm anyone.

If we summarise it, it made Ulbricht a millionaire, and later a convict.

It may sound like a Hollywood movie but it is true. Hollywood actor Keanu Reeves narrated a 2015 documentary on the Silk Road legend called Dark Web which chronicles the rise and fall of the black market and its founder.

Initial Days

SilkRoad was first launched in February 2011. Ulbricht started his dark web marketplace development in 2010. It was a side project to Good Wagon Books. The project was designed to use Tor and bitcoin. It was destined that his marketplace to become the catalyst for a revolution.

When it started, there were a limited number of new seller accounts available. So, every new seller has to purchase a merchant account in an auction. Later, each merchant has to give a fixed fee.

How did it work?

As it operated as a Tor hidden service, communications on Silk Road were considered by users to be entirely anonymous. Besides, transactions on Silk Road could only be made using bitcoins.

For customers, the main benefit it had over its rivals was that it was trustworthy.

Same like eBay, it would match consumers and dealers, allows both parties to rate each other, and provide products to be delivered directly to customers’ doors by the unsuspecting mail service.   

Silk Road 1.jpg

His website connected nearly 4,000 drug traders around the world to sell their drugs to more than 100,000 buyers, and could you get you anything you want from fake documents to top-quality heroin.

It is estimated that in its very short span, over $1 billion transferred through Silk Road, giving Ulbricht a secret fortune of an estimated $28 million at the time of his arrest.

Products in Silk Road

Initial listings on Silk Road were to be restricted to products that resulted in ‘victimless crimes’. On that foundation, products linked to the likes of stolen credit cards, assassinations, weapons of mass destruction and child pornography were banned.

Silk Road 2.jpg

Ulbricht became unwilling or unable to maintain the standards that he had initially set and indeed had relaxed the policy on banning the sale of weapons based on a view that increased firearm regulations were making it harder for people to purchase guns, in contrast with his libertarian values. Furthermore, as the site evolved, more and more ‘contraband’ products began to be listed.

There were also legal goods and services for sale, such as apparel, art, books, cigarettes, erotica, jewelry, and writing services. A sister site, called “The Armoury”, sold weapons (primarily firearms) during 2012, but was shut down, due to a lack of demand.

The End of the Silk Road

Although the authorities were aware of the existence of Silk Road within a few months of its launch, it took over two years from that time for Ulbricht’s identity to be revealed.

Ulbricht may have included a reference to Silk Road on his LinkedIn page, where he discussed his wish to “use economic theory as a means to abolish the use of coercion and aggression amongst mankind” and claimed, “I am creating an economic simulation to give people a first-hand experience of what it would be like to live in a world without the systemic use of force.” Ulbricht moved to San Francisco before his arrest.

Ulbricht was first connected to “Dread Pirate Roberts” by Gary Alford, an IRS investigator working with the DEA on the Silk Road case, in mid-2013.

The connection was made by linking the username “altoid”, used during Silk Road’s early days to announce the website and a forum post in which Ulbricht, posting under the nickname “altoid”, asked for programming help and gave his email address, which contained his full name.

On an October afternoon in a public library in San Francisco, Ross Ulbricht’s dream of an online libertarian paradise came to a sudden end. The FBI had finally caught up with Ulbricht having infiltrated the Silk Road.

At the time of his arrest, he was logged into Silk Road as an administrator and using his Dread Pirate Roberts alias to unknowingly communicate with an undercover FBI agent. Agents found that Ulbricht’s laptop had tens of millions of dollars of bitcoin on it, with millions more stored on USB drives found in his apartment.

The computer also contained Ulbricht’s private journal, which contained damning evidence against him. Within hours of his arrest, Silk Road’s domain had been seized, the market was shut down and Ross Ulbricht’s grand plans to make the world a better place were in disarray.

Silk Road 3.jpg

Aftermath – Silk Road

As part of their investigation into Silk Road, the FBI had caught up with several other Silk Road users and administrators while hunting for Dread Pirate Robert. Prosecutors alleged that Ulbricht paid $730,000 to others to commit the murders, although none of the murders occurred.

The FBI initially seized 26,000 bitcoins from accounts on Silk Road, worth approximately $3.6 million at the time. An FBI spokesperson said that the agency would hold the bitcoins until Ulbricht’s trial finished, after which the bitcoins would be liquidated.

In October 2013, the FBI reported that it had seized 144,000 bitcoins, worth $28.5 million and that the bitcoins belonged to Ulbricht.

The complaint published when Ulbricht was arrested included information the FBI gained from a system image of the Silk Road server collected on 23 July 2013. It noted that “From February 6, 2011, to July 23, 2013, there were approximately 1,229,465 transactions completed on the site. The total revenue generated from these sales was 9,519,664 Bitcoins, and the total commissions collected by Silk Road from the sales amounted to 614,305 Bitcoins. These figures are equivalent to roughly $1.2 billion in revenue and $79.8 million in commissions, at current Bitcoin exchange rates…”, according to the September 2013 complaint, and involved 146,946 buyers and 3,877 vendors.

On 27 June 2014, the U.S. Marshals Service sold 29,657 bitcoins in 10 blocks in an online auction, estimated to be worth $18 million at contemporary rates and only about a quarter of the seized bitcoins. Another 144,342 bitcoins were kept which had been found on Ulbricht’s computer, roughly $87 million.

Trial

Ulbricht’s trial began on 13 January 2015 in federal court in Manhattan. At the start of the trial, Ulbricht admitted to founding the Silk Road website but claimed to have transferred control of the site to other people soon after he founded it.

In the second week of the trial, prosecutors presented documents and chat logs from Ulbricht’s computer that, they said, demonstrated how Ulbricht had administered the site for many months, which contradicted the defense’s claim that Ulbricht had relinquished control of Silk Road. Ulbricht’s attorney suggested that the documents and chat logs were planted there by way of BitTorrent, which was running on Ulbricht’s computer at the time of his arrest.

On 4 February 2015, the jury convicted Ulbricht of seven charges, including charges of engaging in a continuing criminal enterprise, narcotics trafficking, money laundering, and computer hacking. He faced 30 years to life in prison.

The government also accused Ulbricht of paying for the murders of at least five people, but there is no evidence that the murders were carried out, and the accusations never became formal charges against Ulbricht.

During the trial, Judge Forrest received death threats. Users of an underground site called The Hidden Wiki posted her personal information there, including her address and Social Security number. Ulbricht’s lawyer Joshua Dratel said that he and his client “obviously, and as strongly as possible, condemn” the anonymous postings against the judge.

In a letter to Judge Forrest before his sentencing, Ulbricht stated that his actions through Silk Road were committed through libertarian idealism and that “Silk Road was supposed to be about giving people the freedom to make their own choices” and admitted that he made a “terrible mistake” that “ruined his life”.

On 29 May 2015, Ulbricht was given five sentences to be served concurrently, including two for life imprisonment without the possibility of parole. He was also ordered to forfeit $183 million. Ulbricht’s lawyer Joshua Dratel said that he would appeal the sentencing and the original guilty verdict.

On 31 May 2017, the United States Court of Appeals for the Second Circuit denied Ulbricht’s appeal and affirmed the judgment of conviction and life sentence.

Ulbricht’s family continues to campaign to “free Ross Ulbricht from a barbaric, double life sentence for all non-violent charges”, with a website in place to accept donations towards lawyer fees.

 [Source: This article was published in darkweb.wiki - Uploaded by the Association Member: Anthony Frank]

Categorized in Search Engine

Regardless of its predominantly negative connotations, an increasing number of people have started using the dark web to keep their online activity hidden.

According to PreciseSecurity.com research, North America is the most active region globally in this part of the internet. More than 30 percent of North Americans have used the deep web regularly during 2019.

The dark web represents a network of untraceable online activity and websites on the internet that cannot be found using search engines. Accessing them depends upon specific software, configurations, or authorization.

The 2019 survey showed that North America is the leading region in daily usage of the dark web. The statistics indicate that 26 percent of North Americans admitted using the dark web daily. Another 7 percent of them accessed the deep net at least once a week.

Latin Americans ranked second on this list, with 21 percent of respondents visiting the dark web every day and 13 percent weekly. With 17 percent of citizens utilizing it every day, Europe took third place on the global deep net usage list. Another 11 percent of Europeans admitted to doing so at least once a week.

The 2019 data showed online anonymity was by far the most common reason globally for accessing the Tor and the dark web. Nearly 40 percent of respondents used the deep net during the last year to stay anonymous. Another 26 percent of them claimed to use it to retrieve the usually unavailable content in their location. This reason is more ordinary in Middle Eastern, African, and BRICS countries. Other reasons include overcoming governmental censorships and protecting online privacy.

Nearly 25 percent of North Americans used the hidden web in 2019 to ensure their privacy from foreign governments. Another 38 percent of them named protecting the privacy from the internet companies as the leading reason for using the deep web.

The recent surveys revealed some interesting facts about the reasons why people don’t use technologies like Tor to access the dark web. Nearly 50 percent of respondents globally stated that it is because they don’t know how to, while 45 percent of them have no reason for doing so. One in ten citizens views these technologies as unreliable, and only 13 percent of them appear to be concerned about perceptions that it is used by criminals.

 [Source: This article was published in techdigest.tv - Uploaded by the Association Member: Jennifer Levin]

Categorized in Deep Web

In the popular consciousness, the dark web is mostly known as the meeting place of terrorists and extortionist hackers. While there are other, less malicious players afoot, corporations and organizations need to know the real dangers and how to protect against them.

Dark. Mysterious. A den of thieves. A front for freedom fighters. It is many things for many different kinds of people, all of whom by nature or necessity find themselves driven to the fringes of digital society. It is the dark web. 

There’s still plenty of misinformation floating around out there about this obscure corner of the internet. The average cyber citizen is unaware of its very existence. Even for those intimately familiar with the dark web, accurate predictions as to its behavior and future effect on broader internet culture have remained elusive; predictions foretelling its mainstreaming, for instance, seem less and less likely with each passing year. The problem is, this is one case where ignorance isn’t always bliss. Dark web relevance to the general population is becoming more painfully apparent with every breaking news story about yet another data breach.

The amount of personal information accessible via a web connection these days is staggering. Names, addresses, and phone numbers are only the tip of the iceberg. Credit card information, marital status, browsing histories, purchase histories, medical histories (a favorite target of hackers these days) and so much more—every bit and byte of this data is at risk of theft, ransom, exposure and exploitation. A person’s entire life can be up for sale on the dark web without them being any the wiser. That is until their credit card comes up overdrawn, or worse, a mysterious and threatening email graces their inbox threatening to expose some very private information.

But despite the fact that it is the individual being exposed, the ones who truly have to worry are those entities entrusted with storing the individual data of their millions of users. The dark web is a potential nightmare for banks, corporations, government bureaus, health care providers—pretty much any entity with large databases storing sensitive (i.e., valuable) information. Many of these entities are waking up to the dangers, some rudely so, and are too late to avoid paying out a hefty ransom or fine depending on how they handle the situation. Whatever the case, the true cost is often to the reputation of the entity itself, and it is sometimes unrecoverable.

It should be obvious at this point that the dark web cannot be ignored. The first step to taking it seriously is to understand what it is and where it came from.

The landscape

Perhaps the most common misconception regarding the dark web begins with the internet itself. Contrary to popular sentiment, Google does not know all. In fact, it is not even close. Sundar Pichai and his legions of Googlers only index pages they can access, which by current estimates hover in and around the $60 billion mark. Sounds like a lot, but in reality this is only the surface web, a paltry 0.2% to 0.25% of digital space.

Home for the bulk of our data, the other 99.75% is known as the deep web. Research on deep web size is somewhat dated but the conditions the findings are based on appear to point to a growing size disparity, if any changes have occurred at all.

Unlike the surface web, which is made up of all networked information discoverable via public internet browsing, the deep web is all networked information blocked and hidden from public browsing.

Take Amazon as an example. It has its product pages, curated specifically to customer browsing habits and seemingly eerily aware of conversations people have had around their Alexa—this is the Surface Web. But powering this streamlined customer experience are databases storing details for hundreds of millions of customers; including personal identifiable information (PII), credit card and billing information, purchase history, and the like. Then there are databases for the millions of vendors, warehouse databases, logistical databases, corporate intranet, and so on. All in all you are looking at a foundational data well some 400 to 500 times larger than the visible surface.

The dark web is technically a part of this deep web rubric, meeting the criteria of being hidden from indexing by common web browsers. And although microscopically small in comparison it can have an outsized effect on the overall superstructure, sort of like a virus or a cure, depending on how it is used. In the Amazon example, where the dark web fits in is that a portion of its members would like nothing better than to access its deep web data for any number of nefarious purposes, including sale, ransom, or just to sow a bit of plain old anarchic chaos.

Such activities do not interest all dark web users, of course, with many seeing anonymity as an opportunity to fight off corruption rather than be a part of it. The dark web is a complex place, and to fully appreciate this shadow war of villains and vigilantes, how it can affect millions of people every now and then when it spills over into the light, first you have to understand its origins.

Breaking down the numbers

Anonymity is not without its challenges when it comes to mapping out hard figures. The key is to focus on commerce, a clear and reliable demarcating line. For the most part, those only seeking anonymity can stick to hidden chat rooms and the like. However, if a user is looking to engage in illegal activity, in most instances they’re going to have to pay for it. Several past studies and more recent work provide workable insight when extrapolating along this logic path.

First, a 2013 study analyzing 2,618 services being offered found over 44% to involve illicit activity. That number jumped to 57% in a follow up study conducted in 2016. These studies alone project an accelerating upward trend. Short of a more recent comprehensive study, the tried and true investigative maxim of “follow the money” should suffice in convincing the rational mind that this number is only going to grow dramatically. Especially when comparing the $250 million in bitcoin spent in 2012 on the dark web with the projected $1 billion mark for 2019.

Origins and operation

It was the invention of none other than the U.S. military—the Navy, of all branches, if you’d believe it. Seeking an easy way for spy networks to communicate without having to lug heavy encryption equipment to remote and hostile corners of the globe, the U.S. Naval Research Laboratory (NRL) came up with an ingenious solution. Ditching the equipment, it created an overlay network of unique address protocols and a convoluted routing system, effectively masking both the source and destination of all its traffic. By forgoing the traditional DNS system and relying instead on software specific browsers like Tor and Freenet and communication programs like I2P among others, dark web traffic was rendered invisible to traditional crawlers. Furthermore, with these browsers routing traffic through multiple user stations around the world, accurate tracking became extremely difficult. This solution afforded both flexibility and mobility for quick and easy insertion and extraction of human assets while securing sensitive communication to and from the field.

There was only one element missing. As co-creator Roger Dingledine explained, if only U.S. Department of Defense (DoD) personnel used the network it wouldn’t matter that source and destination were masked between multiple user stations. All users would be identifiable as part of the spy network. It would be like trying to hide a needle in a stack of needles. What the dark web needed was a haystack of non DoD users. And so in 2002 the software was made open source and anyone seeking the option to communicate and transact globally was invited to download it. Thousands of freedom-conscious people heeded the call and thus the dark web was born.

But freedom is morally ambiguous, granting expression to the best and worst urges of humanity. This is why security officers and senior executives in banks and businesses, insurance providers and intelligence agencies, all need to know who is using the dark web, what it is being used for, and how imminent is the threat it poses to their operations.

 [This article is originally published in calcalistech.com By riel Yosefi and Avraham Chaim Schneider - Uploaded by AIRS Member: Eric Beaudoin]

Categorized in Deep Web

Almost a third of North Americans accessed the Dark Web daily in 2019

Despite the Dark Web's mostly negative connotation, new research from PreciseSecurity.com has revealed that over 30 percent of North Americans used it regularly during 2019.

Last year saw an increasing number of people beginning to use the Dark Web as a means of keeping their online activity hidden from governments and telecoms.

The Dark Web itself is made up of websites on the internet that cannot be found through traditional search engines. Instead users must rely on specific software such as the Tor browser, configurations or authorization to access these sites.

PreciseSecurity.com's 2019 survey show that North America is the leading region when it comes to daily usage of the Dark Web. The firm's findings revealed that 26 percent of North Americans admitted to using the Dark Web daily while another seven percent accessed it at least once a week.

Dark Web usage

North American may have taken the top spot in terms of Dark Web usage but Latin America was not far behind at second on PreciseSecurity.com's list with 21 percent of respondents saying they visit the deep net daily while thirteen percent said they did so weekly. Europe took third place with 17 percent of citizens utilizing the Dark Web daily and additional 11 percent accessing it at least once a week.

The 2019 survey showed that online anonymity was by far the most common reason for users to access the Dark Web. Almost 40 percent of respondents used it during the last year to stay anonymous online and 26 percent said they used it to retrieve content unavailable in their location despite the fact that using a VPN would be far easier.

Nearly 25 percent of North Americans used the Dark Web to ensure their privacy from foreign governments and another 38 percent used it to protect their privacy from internet companies.

Of those surveyed who don't use Tor or access the Dark Web, almost 50 percent of respondents globally stated that they didn't because they don't know how to while 45 percent said they had no reason for doing so.

[Source: This article was published in techradar.com By Anthony Spadafora - Uploaded by the Association Member: Rene Meyer]

Categorized in Deep Web

Protect yourself by learning about this mysterious digital world

Below the surface, the internet you recognize and use for your browsing is a shadowy, digital netherworld. According to a report by Cybersecurity Ventures, cybercrime is projected to cost the world more than $6 trillion annually by 2021. At the heart of most cybercrime is the Dark Web.

The Dark Web is making its way into the public sphere more and more, but much remains unclear and misunderstood about this mysterious digital world that most of us will never see. Here’s what you need to know:

Three Layers of the Web

The World Wide Web has three distinct layers. The first is the Surface Web, where most people do searches using standard browsers. The second is the Deep Web, which is not indexed in standard search engines and is accessed by logging in directly to a site; it often requires some form of authentication for access. Finally, there is the Dark Web, which is only accessible through specific browsers. Its most common browser, Tor, encrypts all traffic and allows users to remain anonymous.

Gaining access to Dark Web sites often requires an invitation which is offered only after a substantial vetting process. Purveyors of these sites want to keep out law enforcement, although “white hat” hackers (computer security experts) and law enforcement have successfully broken through. Some identity theft protection services provide Dark Web monitoring to see if your personal information, such as your credit card, has been stolen. Often it is through the monitoring of the Dark Web that security professionals first become aware of massive data breaches by researching the commonality of large troves of personal information being sold.

Never click on any links in an email regardless of how legitimate the email may appear unless you have confirmed the email is indeed legitimate.

It is on these criminal Dark Web sites that all kinds of malware, like ransomware, are bought and sold. Other goods and services bought, sold and leased on these Dark Web cybercrime websites include login credentials to bank accounts, personal information stolen through data breaches, skimmers (devices to attack credit card processing equipment and ATMs) and ATM manuals that include default passwords.

Be Aware of Cybercrime Tools

Amazingly, the Dark Web sites have ratings and reviews, tech support, software updates, sales and loyalty programs just like regular retail websites. Many also offer money laundering services. Additionally, botnets (short for “robot network”) of compromised computers can be leased on the Dark Web to deliver malware as well as phishing and spear phishing emails (these appear to be sent from a trusted sender, but are seeking confidential information).

While the actual number of cybercriminal geniuses is relatively small, they’ve developed a lucrative business model. They create sophisticated malware, other cybercrime tools and their delivery systems, then sell or lease those tools to less sophisticated criminals.

The proliferation of ransomware attacks provides a good example of how this business model operates. Ransomware infects your computer and encrypts all of your data. Once your data has been encrypted, you, the victim of a ransomware attack, are told that a ransom must be paid within a short period of time or your data will be destroyed. Ransomware attacks have increased dramatically in the past few years and are now the fastest growing cybercrime.

Cybersecurity Ventures says companies are victimized by ransomware every 14 seconds, at a cost of $11.5 billion worldwide this year. While the creation and development of new ransomware strains requires great knowledge and skill, most ransomware attacks are being perpetrated by less sophisticated cybercriminals who purchase the ransomware on the Dark Web.

Regardless of how protective you are of your personal information, you are only as safe as the legitimate institutions that have your information.

Phishing, and more targeted spear phishing, have long been the primary way that malware, such as ransomware and keystroke logging malware used for identity theft purposes, are delivered. Phishing and spear phishing lure victims into clicking links within emails that download malware onto their computer systems.

Sophisticated cybercriminals now use artificial intelligence to gather personal information from social media such as Twitter, Facebook, Instagram and other sites to produce spear phishing emails with high success rates.

How to Protect Yourself

The best thing you can do to protect yourself from having your information turn up on the Dark Web is to avoid downloading the malware that can lead to your information being stolen or your computer being made a part of a botnet. Never click on any links in an email regardless of how legitimate the email may appear unless you have confirmed that the email is indeed legitimate.

Relying on security software is not enough to protect you, because the best security software is always at least a month behind the latest strains of malware. Regardless of how protective you are of your personal information, you are only as safe as the legitimate institutions that have your information.

In this era of constant data breaches, it is advisable to use an identity theft protection service that will monitor the Dark Web and alert you if your information appears there.  And there are websites which offer guidance on what to do if this happens to you. These monitors are a small flashlight shedding a beam on a very dark section of the digital universe and may help avoid major headaches before it’s too late.

[Source: This article was published in nextavenue.org By Steve Weisman - Uploaded by the Association Member: David J. Redcliff]

Categorized in Deep Web

The BBC has made its international news website available via the Tor network, in a bid to thwart censorship attempts.

The Tor browser is privacy-focused software used to access the dark web.

The browser can obscure who is using it and what data is being accessed, which can help people avoid government surveillance and censorship.

Countries including China, Iran and Vietnam are among those who have tried to block access to the BBC News website or programmes.

Instead of visiting bbc.co.uk/news or bbc.com/news, users of the Tor browser can visit the new bbcnewsv2vjtpsuy.onion web address. Clicking this web address will not work in a regular web browser.

The dark web copy of the BBC News website will be the international edition, as seen from outside the UK.

It will include foreign language services such as BBC Arabic, BBC Persian and BBC Russian.

But UK-only content and services such as BBC iPlayer will not be accessible, due to broadcast rights.


What is Tor?

Tor is a way to access the internet that requires software, known as the Tor browser, to use it.

The name is an acronym for The Onion Router. Just as there are many layers to the vegetable, there are many layers of encryption on the network.

It was originally designed by the US Naval Research Laboratory, and continues to receive funding from the US State Department.

It attempts to hide a person's location and identity by sending data across the internet via a very circuitous route involving several "nodes" - which, in this context, means using volunteers' PCs and computer servers as connection points.

Encryption applied at each hop along this route makes it very hard to connect a person to any particular activity.

To the website that ultimately receives the request, it appears as if the data traffic comes from the last computer in the chain - known as an "exit node" - rather than the person responsible.

dark web

Image captionTor hides a user's identity by routing their traffic through a series of other computers.

 As well as allowing users to visit normal websites anonymously, it can also be used as part of a process to host hidden sites, which use the .onion suffix.

Tor's users include the military, law enforcement officers and journalists, as well as members of the public who wish to keep their browser activity secret.

But it has also been associated with illegal activity, allowing people to visit sites offering illegal drugs for sale and access to child abuse images, which do not show up in normal search engine results and would not be available to those who did not know where to look.


While the Tor browser can be used to access the regular version of the BBC News website, using the .onion site has additional benefits.

"Onion services take load off scarce exit nodes, preserve end-to-end encryption [and] the self-authenticating domain name resists spoofing," explained Prof Steven Murdoch, a cyber-security expert from University College London.

In a statement, the BBC said: "The BBC World Service's news content is now available on the Tor network to audiences who live in countries where BBC News is being blocked or restricted. This is in line with the BBC World Service mission to provide trusted news around the world."

On Wednesday, the BBC also announced the UK's first interactive voice news service for smart speakers.

People using an Amazon Alexa-powered device will be able to skip ahead and get more information about the stories they are most interested in.

[Source: This article was published in bbc.com - Uploaded by the Association Member: Patrick Moore]

Categorized in Deep Web

Since the Arab uprisings of 2011, UAE has utilised 'cyber-security governance' to quell the harbingers of revolt and suppress dissident voices

he nuts and bolts of the Emirati surveillance state moved into the spotlight on 1 February as the Abu Dhabi-based cybersecurity company DarkMatter allegedly stepped "out of the shadows" to speak to the international media.

Its CEO and founder, Faisal al-Bannai, gave a rare interview to the Associated Press at the company's headquarters in Abu Dhabi, in which he absolved his company of any direct responsibility for human rights violations in the UAE.  

Established in the UAE in 2015, DarkMatter has always maintained itself to be a commercially driven company. Despite the Emirati government constituting 80 percent of DarkMatter's customer base and the company previously describing itself as "a strategic partner of the UAE government", its CEO was at pains to suggest that it was independent from the state.

According to its website, the company's stated aim is to "protect governments and enterprises from the ever-evolving threat of cyber attack" by offering a range of non-offensive cybersecurity services. 

Seeking skilled hackers

Though DarkMatter defines its activities as defensive, an Italian security expert, who attended an interview with the company in 2016, likened its operations to "big brother on steroids" and suggested it was deeply rooted within the Emirati intelligence system.

Simone Margaritelli, also a former hacker, alleged that during the interview he was informed of the UAE's intention to develop a surveillance system that was "capable of intercepting, modifying, and diverting (as well as occasionally obscuring) traffic on IP, 2G, 3G, and 4G networks".

Although he was offered a lucrative monthly tax-free salary of $15,000, he rejected the offer on ethical grounds.

Furthermore, in an investigation carried out by The Intercept in 2016, sources with inside knowledge of the company said that DarkMatter was "aggressively" seeking skilled hackers to carry out offensive surveillance operations. This included plans to exploit hardware probes already installed across major cities in order to track, locate and hack any person at any time in the UAE.

In many respects, the UAE's surveillance infrastructure has been built by a network of international cybersecurity “dealers” who have willingly profited from supplying the Emirati regime with the tools needed for a modern-day surveillance state

As with other states, there is a need for cybersecurity in the UAE. As the threat of cyber-attacks has increased worldwide, there have been numerous reports of attempted attacks from external actors on critical infrastructure in the country. 

Since the Arab uprisings of 2011, however, internal "cyber-security governance", which has been utilised to quell the harbingers of revolt and suppress dissident voices, has become increasingly important to the Emirati government and other regimes across the region.

Authoritarian control

In the UAE, as with other GCC states, this has found legislative expression in the cybercrime law. Instituted in 2012, its vaguely worded provisions essentially provide a legal basis to detain anybody who criticises the regime online.

This was to be followed shortly after by the formation of the UAE’s own cybersecurity entity, the National Electronic Security Authority (NESA), which recently began working in parallel with the UAE Armed Forces’ cyber command unit, established in 2014.  

A network of Emirati government agencies and state-directed telecommunications industries have worked in loose coordination with international arms manufacturers and cybersecurity companies to transform communications technologies into central components of authoritarian control. 

In 2016, an official from the Dubai police force announced that authorities were monitoring users across 42 social media platforms, while a spokesperson for the UAE’s Telecommunication Regulatory Authority similarly boasted that all social media profiles and internet sites were being tracked by the relevant agencies.

000 OF77X

Crown Prince Mohammed Bin Zayed Al Nahyan of Abu Dhabi meets with US President Donald Trump in Washington in May 2017 (AFP)

As a result, scores of people who have criticised the UAE government on social media have been arbitrarily detained, forcefully disappeared and, in many cases, tortured.

Last year, Jordanian journalist Tayseer al-Najjar and prominent Emirati academic Nasser bin Ghaith received sentences of three and 10 years respectively for comments made on social media. Similarly, award-winning human rights activist Ahmed Mansoor has been arbitrarily detained for nearly a year due to his online activities. 

This has been a common theme across the region in the post-"Arab Spring" landscape. In line with this, a lucrative cybersecurity market opened up across the Middle East and North Africa, which, according to the US tech research firm Gartner, was valued at $1.3bn in 2016.

A modern-day surveillance state

In many respects, the UAE's surveillance infrastructure has been built by a network of international cybersecurity "dealers" who have willingly profited from supplying the Emirati regime with the tools needed for a modern-day surveillance state. 

Moreover, it has been reported that DarkMatter has been hiring a range of top talent from across the US national security and tech establishment, including from Google, Samsung, and McAfee. Late last year, it was revealed that DarkMatter was managing an intelligence contract that had been recruiting former CIA agents and US government officials to train Emirati security officials in a bid to bolster the UAE's intelligence body.

UK military companies also have a foothold in the Emirati surveillance state. Last year, it was revealed that BAE Systems had been using a Danish subsidiary, ETI Evident, to export surveillance technologies to the UAE government and other regimes across the region. 

'The million-dollar dissident'

Although there are officially no diplomatic relations between the two countries, in 2016, Abu Dhabi launched Falcon Eye, an Israeli-installed civil surveillance system. This enables Emirati security officials to monitor every person "from the moment they leave their doorstep to the moment they return to it", a source close to Falcon Eye told Middle East Eye in 2015.

The source added that the system allows work, social and behavioral patterns to be recorded, analyzed and archived: "It sounds like sci-fi but it is happening in Abu Dhabi today."

Moreover, in a story that made headlines in 2016, Ahmed Mansoor's iPhone was hacked by the UAE government with software provided by the Israeli-based security company NSO Group. Emirati authorities reportedly paid $1m for the software, leading international media outlets to dub Mansoor "the million-dollar dissident."

Mansoor's case is illustrative of how Emirati authorities have conducted unethical practices in the past. In recent years, the UAE has bought tailored software products from international companies such as Hacking Team to engage in isolated, targeted attacks on human rights activists, such as Mansoor.

The operations of DarkMatter, as well as the installation of Falcon Eye, suggest, however, that rather than relying on individual products from abroad, Emirati authorities are now building a surveillance system of their own and bringing operations in-house by developing the infrastructure for a 21st-century police state. 

[Source: This article was published in middleeasteye.net By JOE ODELL - Uploaded by the Association Member: Wushe Zhiyang]

Categorized in Deep Web

[Source: This article was published in technadu.com By Sydney Butler - Uploaded by the Association Member: Dana W. Jimenez]

The Dark Web, as part of the Deep Web, is defined largely by the fact that search engines can’t index it. Yet, people need to find onion sites in order to use them and many onion sites would be pretty pointless if no one ever visited them.

Which brings us to the idea of Dark Web “search engines”. Is there such a thing? How do they work? It’s a little more complicated than simply making a “Google for the Dark Web”, but in this article, you’ll learn about some of the best “search engines”, right after we explain what the special meaning of that term is in this context.

What Are Dark Web Search Engines?

Many so-called Dark Web search engines are really just repositories of links. This is actually how early search engines on the internet worked. More like a giant phone book than a web crawler that indexed the contents of sites.

Then, of course, there are search engines on the Dark Web that search the surface web. In other words, they provide a super-secure way to search for things on the regular internet that you don’t want to be attached to your history or identity. So adjust your expectations a little of what it means for something on the Dark Web to be a search engine and feast your eyes on these excellent Dark Web destinations, in your search for hidden network content.

DuckDuckGo

DuckDuckGo

DuckDuckGo is easily accessible via the surface web, you just have to type its URL into any browser. It also offers an onion domain, which means that it counts as a Dark Web search engine, although it’s not really an engine that searches the Dark Web itself. You can search for onion links using this tool, but your mileage may vary.

What makes DuckDuckGo special is its ability to return relevant search results almost as good as those provided by Google. Yet, it does not need to store any information about you or your search history in order to do it. It’s one of the best privacy-focused search engines in existence and its presence on the Dark Web just adds another strong layer of security.

Torch

Torch

Torch is one of the oldest onion site indexes in existence. While no one knows for sure how much info is stored on the site, Torch itself claims that there are more than a million pages in its index. If something you’ve heard of exists on the Dark Web, Torch is probably your best chance of finding it.

The Onion URL Repository

Just as the name suggests, the Onion URL directory is another massive dump of onion sites with descriptions. More than a million sites by all accounts. That’s a lot of possible destinations to sift through, although no one knows how much of it overlaps with a site like Torch and how much is unique to this repository. Unfortunately, we weren’t actually able to find a working link to this one at the time of writing.

notEvil

notEvil

notEvil is the closest thing to a Google experience you may get on the Dark Web. The design of the site and how it appears to work is very reminiscent of the search giant. The name of this search tool is also a direct reference to Google since the company once had the motto “don’t be evil”, although that has been quietly retired.

notEvil provides some of the most relevant results and is probably the best “proper” search engine on the Dark Web.

Ahmia.fi

Ahmia.fi

OK, Ahmia is something a little different to the other sites listed here. Instead of being a search engine that resides on the Dark Web, this is actually an engine that searches the Tor Hidden Services network from the surface web. It also has an onion service and to actually visit any of the sites listed you’ll need Tor, but it’s pretty awesome that you can look for onion sites from any computer, not just one that has access to Tor.

Candle

Candle

Candle is a fairly new project that was first announced on r/onions/ three years ago. It’s a hobby project from the creator, trying to make a Google-like search engine for Tor. So Candle has actually been indexing onion sites and when it was announced there were already more than 100,000 pages.

Categorized in Deep Web

[Source: This article was published in csoonline.com By Josh Fruhlinger- Uploaded by the Association Member: Eric Beaudoin] 

Catch a glimpse of what flourishes in the shadows of the internet.

Back in the 1970s, "darknet" wasn't an ominous term: it simply referred to networks that were isolated from the mainstream of ARPANET for security purposes. But as ARPANET became the internet and then swallowed up nearly all the other computer networks out there, the word came to identify areas that were connected to the internet but not quite of it, difficult to find if you didn't have a map.

The so-called dark web, a catch-all phrase covering the parts of the internet not indexed by search engines, is the stuff of grim legend. But like most legends, the reality is a bit more pedestrian. That's not to say that scary stuff isn't available on dark web websites, but some of the whispered horror stories you might've heard don't make up the bulk of the transactions there.

Here are ten things you might not know about the dark web.

New dark web sites pop up every day...

A 2015 white paper from threat intelligence firm Recorded Future examines the linkages between the Web you know and the darknet. The paths usually begin on sites like Pastebin, originally intended as an easy place to upload long code samples or other text but now often where links to the anonymous Tor network are stashed for a few days or hours for interested parties. 

While searching for dark web sites isn't as easy as using Google—the point is to be somewhat secretive, after all—there are ways to find out what's there.  The screenshot below was provided by Radware security researcher Daniel Smith, and he says it's the product of "automatic scripts that go out there and find new URLs, new onions, every day, and then list them. It's kind of like Geocities, but 2018"—a vibe that's helped along by pages with names like "My Deepweb Site," which you can see on the screenshot.

fresh onions

..and many are perfectly innocent

Matt Wilson, chief information security advisor at BTB Security, says that "there is a tame/lame side to the dark web that would probably surprise most people. You can exchange some cooking recipes—with video!—send email, or read a book. People use the dark web for these benign things for a variety of reasons: a sense of community, avoiding surveillance or tracking of internet habits, or just to do something in a different way."

It's worth remembering that what flourishes on darknet is material that's been banned elsewhere online. For example, in 2015, in the wake of the Chinese government cracking down on VPN connections through the so-called "great firewall," Chinese-language discussions started popping up on the darknet — mostly full of people who just wanted to talk to each other in peace.

Radware's Smith points out that there are a variety of news outlets on the dark web, ranging from the news website from the hacking group Anonymous to the New York Times, shown in the screenshot here, all catering to people in countries that censor the open internet.

nytimes

 

Some spaces are by invitation only

Of course, not everything is so innocent, or you wouldn't be bothering to read this article. Still, "you can't just fire up your Tor browser and request 10,000 credit card records, or passwords to your neighbor’s webcam," says Mukul Kumar, CISO and VP of Cyber Practice at Cavirin. "Most of the verified 'sensitive' data is only available to those that have been vetted or invited to certain groups.

"

How do you earn an invite into these kinds of dark web sites? "They're going to want to see history of crime," says Radware's Smith. "Basically it's like a mafia trust test. They want you to prove that you're not a researcher and you're not law enforcement. And a lot of those tests are going to be something that a researcher or law enforcement legally can't do."

There is bad stuff, and crackdowns means it's harder to trust

As recently as last year, many dark web marketplaces for drugs and hacking services featured corporate-level customer service and customer reviews, making navigating simpler and safer for newbies. But now that law enforcement has begun to crack down on such sites, the experience is more chaotic and more dangerous.

"The whole idea of this darknet marketplace, where you have a peer review, where people are able to review drugs that they're buying from vendors and get up on a forum and say, 'Yes, this is real' or 'No, this actually hurt me'—that's been curtailed now that dark marketplaces have been taken offline," says Radware's Smith. "You're seeing third-party vendors open up their own shops, which are almost impossible to vet yourself personally. There's not going to be any reviews, there's not a lot of escrow services. And hence, by these takedowns, they've actually opened up a market for more scams to pop up."

Reviews can be wrong, products sold under false pretenses—and stakes are high

There are still sites where drugs are reviewed, says Radware's Smith, but keep in mind that they have to be taken with a huge grain of salt. A reviewer might get a high from something they bought online, but not understand what the drug was that provided it.

One reason these kinds of mistakes are made? Many dark web drug manufacturers will also purchase pill presses and dyes, which retail for only a few hundred dollars and can create dangerous lookalike drugs. "One of the more recent scares that I could cite would be Red Devil Xanax," he said. "These were sold as some super Xanax bars, when in reality, they were nothing but horrible drugs designed to hurt you."

The dark web provides wholesale goods for enterprising local retailers...

Smith says that some traditional drug cartels make use of the dark web networks for distribution—"it takes away the middleman and allows the cartels to send from their own warehouses and distribute it if they want to"—but small-time operators can also provide the personal touch at the local level after buying drug chemicals wholesale from China or elsewhere from sites like the one in the screenshot here. "You know how there are lots of local IPA microbreweries?" he says. "We also have a lot of local micro-laboratories. In every city, there's probably at least one kid that's gotten smart and knows how to order drugs on the darknet, and make a small amount of drugs to sell to his local network."

xanax

 

...who make extensive use of the gig economy

Smith describes how the darknet intersects with the unregulated and distributed world of the gig economy to help distribute contraband. "Say I want to have something purchased from the darknet shipped to me," he says. "I'm not going expose my real address, right? I would have something like that shipped to an AirBnB—an address that can be thrown away, a burner. The box shows up the day they rent it, then they put the product in an Uber and send it to another location. It becomes very difficult for law enforcement to track, especially if you're going across multiple counties."

Not everything is for sale on the dark web

We've spent a lot of time talking about drugs here for a reason. Smith calls narcotics "the physical cornerstone" of the dark web; "cybercrime—selling exploits and vulnerabilities, web application attacks—that's the digital cornerstone. Basically, I'd say a majority of the darknet is actually just drugs and kids talking about little crimes on forums."

Some of the scarier sounding stuff you hear about being for sale often turns out to be largely rumors. Take firearms, for instance: as Smith puts it, "it would be easier for a criminal to purchase a gun in real life versus the internet. Going to the darknet is adding an extra step that isn't necessary in the process. When you're dealing with real criminals, they're going to know someone that's selling a gun."

Specific niches are in

Still, there are some very specific darknet niche markets out there, even if they don't have the same footprint that narcotics does. One that Smith drew my attention to was the world of skimmers, devices that fit into the slots of legitimate credit and ATM card readers and grab your bank account data.

And, providing another example of how the darknet marries physical objects for sale with data for sale, the same sites also provide data manual sheets for various popular ATM models. Among the gems available in these sheets are the default passwords for many popular internet-connected models; we won't spill the beans here, but for many it's the same digit repeated five times.

atm skinners

 

It's still mimicking the corporate world

Despite the crackdown on larger marketplaces, many dark web sites are still doing their best to simulate the look and feel of more corporate sites

elude

 

The occasional swear word aside, for instance, the onion site for the Elude anonymous email service shown in this screenshot looks like it could come from any above-board company.

One odd feature of corporate software that has migrated to the dark web: the omnipresent software EULA. "A lot of times there's malware I'm looking at that offers terms of services that try to prevent researchers from buying it," he says. "And often I have to ask myself, 'Is this person really going to come out of the dark and trying to sue someone for doing this?'"

And you can use the dark web to buy more dark web

And, to prove that any online service can, eventually, be used to bootstrap itself, we have this final screenshot from our tour: a dark web site that will sell you everything you need to start your own dark web site.docker

 

Think of everything you can do there—until the next crackdown comes along.

Categorized in Internet Privacy
Page 1 of 14

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media