To understand the dark web and how criminals operate on it, it is necessary to outline the difference between the surface web (or ‘clearweb’), the deep web and the dark web. The surface web is an infrastructure that can be accessed by standard web crawlers for the purpose of indexing by all major search engines. Simply speaking, websites in the clear web are easy to come by through Google. The deep web (or ’hidden web’), on the other hand, is unavailable to standard web crawlers, and therefore largely remains unindexed. Websites with deep web infrastructure are only searchable if you submit a query within the website database. The dark web is just a segment of the deep web, accessible through Tor browser, where many websites (with .onion domain) are not just unindexed by search engines (and therefore require you to know the link to access them), but often require login credentials to access their internal database.
Dark web: the good and the bad
The hidden nature of the dark web offers many advantages: for example, to people who voice dissent against an oppressive government and need to protect their anonymity and ensure their digital security. On the other hand, the hidden nature of the dark web became notorious for offering a platform for all sorts of illegal content. Dark web hosts a multitude of illegal marketplaces where, among other things, stolen personal data is sold to anyone who offers to pay. Transactions are conducted in bitcoins, and all communications and purchase records are encrypted, which makes it impossible to trace sellers and buyers. Such marketplaces are investigated and routinely shut down by law enforcement, but new ones emerge almost instantly to replace them.
In late January 2019, Europol press release revealed that a Joint Investigative Team established at the start of last year conducted operations that led to the shutdown of xDedic Marketplace, a notorious platform (operating both in the dark web and clear web) that sold access to compromised electronic devices and personal data. xDedic infrastructure was maintained on servers around the world, and all transactions were conducted through bitcoin, effectively masking the identity of market owners, sellers and buyers. Among the compromised data searchable on xDedic were not just credentials of individual victims, but account information of state institutions, academic establishments, medical facilities, law firms and more. The impact of compromised data sold on xDedic is estimated at $68 million.
Your digital security on Tor
You may have your own reasons to access the dark web through the Tor browser or other available tools. Despite the notion that Tor was created to serve privacy and anonymity, this is not necessarily the case. In fact, especially if you yourself are hosting a server on the dark web, it is necessary to adopt additional precautions when it comes to Tor usage. Tor is not devoid of vulnerabilities: just last year, for example, security researchers discovered that a bug (dubbed ‘TorMoil’) could expose real IP addresses of Linux or Mac OS users.
Using a VPN for dark web browsing is the most straightforward way to ensure your device’s privacy and security. Some of the top rated VPN services offer excellent compatibility with Tor, the most widely used dark web browser. Mind that you may not be able to access some dark web hidden services unless you configure Tor via VPN so that Tor is your final node of connectivity to the web service.
Why use VPN on the dark web
VPN encrypts all your internet activities and establishes a secure connection that hides from your ISP the fact that you are using Tor in the first place. Good VPN providers offer a kill-switch that protects you in case the VPN connection drops.
Even on a browser like Tor, you may fall victim to man-in-the-middle attacks if you, for example, use public WiFi to connect to the internet. VPN is indispensable on such occasions. Using a VPN will ensure that hackers will not gain access to your device to steal your files or infect them with ransomware. Considering possible Tor vulnerabilities (the one that had been discovered was since patched, but this does not mean there aren’t more of them), having VPN running at all times ensures that your real IP address will never be compromised and leaked.