Don’t stay in the dark regarding the dark web! We go through some common questions that researchers have about the nefarious corner of the internet.
On a recent live episode of the NeedleStack podcast, former CIA cybersecurity officer and show host Matt Ashburn took some of our audience’s burning questions about the dark web. Here’s what he had to say:
How do I get access to the dark web?
This is a great question, as any sleuth worth their metaphorical trench coat needs to access the dark web. The simple answer is: anybody can access the dark web. All you need to do to access the dark web is download Tor. That’s it. Really. Of course, you can always pair Tor with Tails or take extra security measures — which we strongly recommend — but to just access the dark web with no extra frills or steps is as simple as downloading Tor.
Before you access the dark web, though, it is vital to take a moment to understand the risks of venturing into this space and to make sure that your organization both allows you to do so and is aware that you are doing so.
For a more in-depth look at the basics of the dark web, be sure to check out episode 13 of the NeedleStack podcast as well.
My company doesn't allow access to the dark web, but it would be valuable for my research. Can I access it safely from a personal device?
This is an interesting question due to the caveat of safe access, as you can definitely access the dark web via a personal device, but the question of safety is, well, dependent on your own definition of safety.
Here at Authentic8, we tend to suggest you avoid using the dark web on your personal device. Why? Using a personal device could very easily compromise your anonymity, privacy and security. When researchers access the dark web, it is safe to say they are likely browsing sites that contain objectionable, if not illegal, activity and content — all of which could be the catalyst for your personal device getting infected with dark web malware. Due to this, it’s extremely important that you review your organization’s policy on personal device usage and that you take as many safety precautions as possible if you do choose to use your personal device for dark web research.
How do I know if my company is being referenced on the dark web if I can't access it?
In a lot of cases, dark web markets are one of, if not the, first places your organization’s data can land following a breach, so it is smart to keep tabs on the dark web to see if your company is being referenced there.
If you are in a situation where your company doesn’t allow access to the dark web or something is stopping you from gaining access to the dark web, there are services out there that specialize in combing dark web marketplaces, gathering any and all information relevant to your organization and compiling it in an easy-to-search report. Certain companies that offer this will even provide alerts for certain key terms or phrases so that you and your organization can be aware of dark web name-dropping as soon as it happens. If you’re worried about scraping the depths of the dark web but also want to stay informed as to your organization’s presence there, we highly recommend you look into such companies and their offerings.
What are the top dark web marketplaces today?
The interesting thing about this question is that there really is no true concrete answer — what’s active today won’t necessarily be active tomorrow. Most dark web marketplaces are taken down by a government entity, only to start back up somewhere else. AlphaBay is probably the largest dark web marketplace of all time up to this point, and they were taken down in 2017 — although they are supposedly back up and running again. Aside from AlphaBay, you have ASAP, Abacus, Archetyp, Bohemia, Vice City Market, and quite a few region-specific marketplaces.
What are the best tools to analyze cryptocurrency transactions?
The obvious answer here is Chainalysis, as it is the premier platform for cryptocurrency analysis out there. Of course, Chainalysis is not the only good option available, especially with cryptocurrency’s increasing popularity and traction. LexisNexis TruNarrative, Crystal and Coinbase Analytics are three great alternatives to Chainalysis and provide great cryptocurrency analysis.
For more in-depth analysis on the best cryptocurrency transaction analysis tools as well as how they work, check out this clip from episode 19 of the NeedleStack podcast:
How does blockchain analysis work for Monero?
Monero, as opposed to other cryptocurrencies, places a heavier emphasis on privacy; in fact, Monero is one of the cryptocurrencies that is essentially untraceable. With Monero, you cannot obtain the sending and receiving addresses, the amount of cryptocurrency exchanged, the address balance or any transaction histories.
Unfortunately, due to these incredible levels of anonymity, Monero has become a fan favorite of bad actors; for this reason, some cryptocurrency exchanges have actually banned Monero, thus making it less attractive.
Time will tell if investigators and researchers will be able to make any dents in Monero’s privacy, but for now, it remains one of, if not the, most untraceable cryptocurrencies.
If your cybercriminals are still using BitCoin, there’s hope! Check out this episode, Follow the money: how cryptocurrency shines a light in the dark web.
I've heard of using PGP encryption to securely communicate — what is it/how do you get it/how do you use it?
The topic of PGP encryption came up with our illustrious guest, Eileen Ormsby, who investigated the Silk Road as well as other dark destinations. Despite its name, PGP encryption offers more than just pretty good privacy — it is an incredibly safe and secure platform. As a matter of fact, PGP is the de facto standard for email privacy.
PGP has been around for about 30 years and, like all encryption, it encrypts the message in the content but doesn’t actually make you anonymous. Think of it this way: an email is a piece of electronic mail. Snail mail is sent with the letter or document safely protected within an envelope, and the envelope has certain information on it that anyone can see; however, people cannot see the contents of what’s inside just by looking at the envelope.
When it comes to email and PGP encryption, someone can see the information available on the proverbial envelope (sender, recipient, date, time, subject line, and perhaps the IP address) but they cannot see the contents of the envelope (i.e., your message). So for your and your organization's safety, do not — we repeat, DO NOT — put any sensitive information in the subject line.
Ultimately, PGP has stood the test of time and is a phenomenal resource that researchers need to be taking advantage of if they aren’t already.
The NeedleStack podcast releases new episodes on a regular basis covering all sorts of online research topics, from the dark web to OSINT shaping world events to SOC investigations and everything in between.
Check out the episode library here to learn more about the podcast and about good security practices.Cryptocurrency