Dark Web: Anonymity guaranteed for blocked traffic

Trafficking in arms or drugs did not wait for the existence of digital, but new technologies provide it with new space to develop. Over the years, the dark web has become a marketplace for all kinds of illicit products and services: from cocaine to weapons of war, including stolen credit card numbers, counterfeit papers or cyber-attack services. This space is very far from the monopoly of illegal trade, but due to its structure, it has become one of the most internationalized and easily accessible places.

But what is the dark web? It is a very small part of the web that can be accessed with specific browsers using specific protocols. Its main feature is to ensure your anonymity: when you browse there, no one knows what site you went to, and the site itself does not know who the Internet user is.

reign .onion

“The dark web provides the illusion of a distance that allows you to walk around the equivalent of a black market place in a city like Rio de Janeiro, for example, but without risking your physical safety, then to be able to come home in a split second by shutting down his computer “summarizes Nicholas Arpagian, director of cybersecurity strategy at Trend Micro, a company specializing in cyberthreats.

There are many darknets, such as Freenet and GNUnet, but the most famous and widely used is TOR. Invented by the US Navy to secure communications. It’s made up of a bunch of sites that end in .onion instead of .com, .fr or .org, referring to the vegetable as the TOR protocol mimics the successive layers of an onion that protects its core. No our data in this case.

Accessing it is very simple, you just need to download the browser (TOR browser). TOR is based on the classic web, i.e. the boxes and networks of ISPs such as Orange or Bouygues, but it consists of many servers that are gateways to its own network. The list of these servers is known. So your ISP might know you went to the dark web, but they have no idea what you did there.

In this network we find a whole range of Internet sites: business and informational sites, forums, social networks, etc. There are also major players like Facebook or the BBC. It is already a used space in countries where freedom of expression is curtailed, because it makes it possible to escape tracking. But, logically, this infrastructure that protects a lot of anonymity is also a privileged place to suggest all that is illegal.

Ordered, delivered… or not

The dark web is not illegal per se and what is prohibited elsewhere is also prohibited there, in principle. As in the classic web, there are two types of merchant sites: online stores, like Decathlon on the regular web, for example, and marketplaces where sellers and buyers meet, like Leboncoin. Except here, the nouns rhyme more with “guns” or “drugs.”

Strategic reputation issues. Because if we’re on the regular web, we’re less afraid of entering our credit card number on merchant sites like Amazon, Zalando or Fnac, which are recognizable structures, nothing like this on the dark web. If you never received the product or if it does not comply with the order, it is impossible to complain because you received a fake health permit whose QR code does not work, for example, even if we paid (very) very expensive!

“When a business website appears on the dark web, it tries to gain brand image, is subject to ratings and reviews, Explains Jean-Francois Berat, Digital Geographer at ENS Lyon. The quality of the packaging is one of the main evaluation issues. » In fact, if the Dark Web is a separate space, then the delivery goes through traditional infrastructures, such as La Poste. The weapon can be sent in parts. The medicine must be well packaged to prevent detection in the postal service.

Home delivery can be done but, depending on the type of product, idle mailboxes are frequently used. Lists of these chests are communicated and updated on dark web sites or by the sellers themselves, and the PTT passkey to unlock them is a widely sold product. Once again, the challenge is all about building trust. “Even if it’s illegal, the consumer just asks to rest assured”recalls Nicholas Arbajian, also the author of cyber security (compilation. What do I know?, PUF).

Security …

As with legal exchanges, a trusted third party is frequently used. Therefore, buyers and sellers go through an unknown person, called escrow, who receives payments from the buyer and goods from the seller, and undertakes their delivery by taking commission. This mechanism is also based on the warranty rating system. A group of hardware close to the classic platform economy, on which Leboncoin or Amazon embody this trusted third-party often-faced with an unknown seller.

Where the rules of the dark web differ is in the evolution of sites. “Business there is not sustainable, and the more the actor appears, the more interested he is in the investigation and police services, and the greater the risk of arrest”Nicholas Arbajian confirms.

In fact, various police forces around the world regularly dismantle illegal trading sites, thanks, among other things, to great international cooperation. Thus, the life of the sites is very short. According to a review by Alef Agency that specializes in this field, the average lifespan of a site on TOR is seven and a half months. When reviewed at the beginning of 2021, 88% of the sites had been in existence for less than a year. Police operations are far from the main cause. Sites are often hobbyist and run by one person and therefore very fragile. The world of the dark web changes, actors appear regularly and then disappear after a few months, others grow and then sometimes are closed by the police, etc.

… mirrors and “tricks”

The Dark Web is often a relatively small area. “At TOR, globally, we identify 110,000 sites.”, says an executive from Alef Corporation, which offers a paid search engine on this network for official services. For comparison, there are nearly 2 billion on the standard web. but primarily, “It is estimated that 60-70% of sites on TOR mirror”Add this observer. These mirror sites copy an existing site on the dark web to deceive the internet user and earn dummy sale proceeds. These mirrors are difficult to determine, because the domain name in TOR is a string of more than 50 random characters. However, they did not last very long as their online reputation quickly revealed, but they managed to turn a profit in the meantime. In addition to these mirrors, there are classic scams, called “scams”, which do not copy anything but did not have goods in the back office.

Another common scam: “A person opens an online store, fulfills his orders, thus gains consumer confidence and begins to grow, then stops everything at a time when activity is high without fulfilling orders and leaves with sales volume”Jean-Francois Berat explains. Since anonymity is guaranteed, the process can be repeated many times.

In addition to these scams, real commerce takes place on the dark web. TOR consists of 20,000 or 25,000 active sites, notes frame A. The only figures available on sales volume come from dismantling sites. The sector giant, Darkmarkt, which Europol closed at the beginning of the year, had 2,400 sellers, and 320,000 deals have been made there since its inception for a cumulative amount of 140 million euros. The Wall Street market closed in 2019, had 5,400 sellers and 1.15 million customer accounts. Investigators found more than 500,000 euros in cash on its premises and cryptocurrency accounts filled with hundreds of thousands of bitcoins and moneros.

Pay your hacker with bitcoin

Cryptocurrencies are really the exchange currency in force on the dark web, because you don’t give out your credit card codes to a criminal. Bitcoin is dominant but not exclusive. According to Chainalysis, a startup specializing in analytics blockchainAnnual cryptocurrency exchanges for criminal activity on the dark web are estimated at around $1.5 billion.

On the product side, if everything is there, pharmaceuticals occupy a key place. A Europol report estimated that 62% of illicit offerings on the dark web provided drugs or drugs in 2017. The major development underway relates to the demand for cyber attacks, which is experiencing very high growth. Cybercriminals perform full service for the customer. Thus the latter may not have technical skills: it only indicates the name of an account on a social network that it wants to hack or a site address that it wants to overload with requests to make it ineffective, etc.

This movement illustrates the relative “democratization” of this network, along with the emergence of some search engines that make it possible to find the right site without being informed. Thus, the dark web is a space that allows illegal merchants to address a large audience in a very international space.

Find our entire dossier on “The Dark Side of the Market Economy”

What is an illicit economy?

It is very difficult to measure the illicit economy, but especially to define its limits. Therefore, estimates of the size of the underground economy vary from one to two, and they include above all completely different facts: undeclared work, under-declaration of turnover by some firms, informal jobs, illegal production … in the case of France, The National Institute of Statistics and Statistics (INSEE) estimates that the “unobserved economy” accounts for €68 billion, or 3.8% of GDP. But, to a large extent, this corresponds to corporate fraud, especially VAT, of just over 52 billion. The smuggled goods will represent only 600 million euros. Counting methodologies also differ from country to country, but an OECD study looked at the case of Italy and the only illegal production in that country. The organization estimates that this will represent 0.9% of Italian GDP and that it will be mainly due to drugs (0.6%) and prostitution (0.2%).

Leave a Comment