The Anti-virus Times

Tuesday, September 21, 2021

Imagine an iceberg drifting across a cold ocean. What you see above the surface is just a small portion of this natural structure. The remaining portion cannot easily be seen: at the very least you’ll need some diving equipment and lots of courage in order to get to it. The Internet is also an iceberg of sorts, where sites like drweb.com are just its tip, while more exotic content is hidden deep beneath the surface. In today's Anti-virus Times issue, we’re going to talk about this ‘underwater’ part of the Internet—the darknet—and about the dangers that may lurk in its shadows.

What is the darknet?

Darknet is a general term referring to a number of network nodes that facilitate anonymous communication, commerce and file sharing. How often have you come across sites with web addresses having an unusual top-level domain name, such as .onion or .i2p? If you try to go to a web address like that in your conventional browser, it will inform you that the site is unavailable. But who wouldn’t be curious to learn what is hiding out there? Almost all sites whose addresses end like that are part of the darknet. These domain names serve as markers, indicating that the respective web page can only be opened in certain browsers equipped with advanced security and anonymity features.

Simply put, the darknet is a multitude of sites that can’t be accessed unless special software is used. The darknet has its own domain name system, and popular search engines, such as Google or Bing, don’t index them.

Some people may get the impression that on the darknet people can maintain anonymity easily. However, in reality, things are somewhat different. Intelligence agencies regularly find new methods for uncovering users’ true identities. Those include leveraging browser vulnerabilities, special monitoring software and fingerprinting based on available data which may even factor in the installed fonts. To remain undiscovered, one still needs to exercise caution, but even so, no one can guarantee complete anonymity.

Law enforcement agencies are closely monitoring darknet trading in illegal goods. You will never know who is selling or buying things on the other end in the darknet: a real criminal or a secret service agent. An undercover police officer can, for example, set up an e-store in the darknet and rather easily find out buyer addresses. In this case, instead of getting their long-awaited delivery, customers will end up rendezvousing with a police unit.

What's inside

Most darknet websites are online stores, various forums where visitors usually engage in buying or selling stolen data, and other sites that, for some reason, couldn't find a place on the “normal” Internet. The darknet is primarily known for its marketplaces. A wide variety of goods and services are sold and paid for on the Dark web. Contrary to popular stereotypes, people can purchase ordinary goods there too—just like they do in conventional online stores. Then you may wonder: why would someone need enhanced security mechanisms and where do all those scary stories about the darknet come from?

It is Illegal content sellers and distributors who need this ability to remain undiscovered. The .onion domain name conceals a multitude of hacker forums where cybercriminals can feel more at ease. To further enhance the security of their transactions, they make payments using bitcoin wallets—tracking down these payments is not a simple task.

And yet the darknet is not just a swarm of villainous forums and marketplaces—that's how it is usually portrayed by the media. It also accommodates pretty well-known websites, such as Facebook. The very fact that a large respected company like this actually has its own “branch office” on the darknet clearly demonstrates that certain preconceptions about this online “twilight zone” can safely be discarded.

Then one can ask another reasonable question: If the darknet isn’t really that bad overall and legitimate sites exist there too, why bother starting this discussion in the first place? Of course, if things were so nice and quiet out there, we’d have no reason to write about this Internet underlayer. However, there exist many dangers and hazards in the darknet that Dr.Web can protect you from.

How it can be dangerous

As a matter of fact, surfing the darknet is just as dangerous as visiting any regular site on the Internet, except that the former has a higher concentration of scammers who are not only eager to rip off casual visitors but also happily double-cross each other.

Here is a typical example of a darknet marketplace scam: A cybercriminal creates a website with only the most basic features and adds tons of computer hardware and other technical goods to their catalogue. And the prices displayed are much lower than average market prices. A gullible user fills out the purchase form by entering their bank card details, delivery address, phone number, email and a bunch of other "important" information to complete their order. You probably already realise that the purchase will never be delivered and a refund is not an option. Even worse, the divulged data will add to the already large scammer databases.

Users also run the risk of getting their system infected with malware while a file is being downloaded. The malware that may sneak onto a victim’s machine includes rogue miners and trojans that steal money and data. Because people pay for goods and services on the darknet with cryptocurrencies, trojans compromising crypto wallets can be particularly dangerous.

Other than that, darknet users face the same risks and hazards as visitors to ordinary websites. An anti-virus alone won't protect you from everything. Dr.Web applications can’t assess how dangerous a certain Onion site is and add it to the list of non-recommended web addresses, so users need to be constantly aware of what kind of content they are accessing. Otherwise, the anti-virus will operate in the same way as it does when users surf the regular web—it will prevent malware from running on your computer.

It is also important to safeguard children from exposure to the darknet. The Parental Control won't work there. It should be mentioned though that a primary school age child probably won’t be able to set up a connection to the darknet. And even if they succeed, they probably won't run into anything dangerous—sites with outright inappropriate content are hidden from the common visitor.

#bitcoin #anonymity #anti-virus #Internet #non-recommended_sites #terminology