What is the Darknet?

11 MIN READ
What is the Darknet

Most people nowadays are familiar with the "normal internet" or the search results they get when using conventional search engines such as Google, Bing, or Yandex. However, only a minority knows about a more sinister part of the internet, otherwise known as the Darknet.

But what is the Darknet exactly? The Darknet is a part of the internet that is not indexed by conventional search engines and requires a special browser, such as Tor, to access. It is mostly associated with websites that offer illegal goods such as narcotics or firearms and the users are protected by the anonymity it offers.

The Definition of the Darknet

The Darknet is composed of areas of the Dark web and can be seen as an overlay network that uses the Internet but requires specific software or authorization to access. Through the Darknet, computer networks communicate and do business with each other without sharing private or identifying information, such as the users' names or locations.

The Darknet is a small part of the greater Deep Web and is not indexed by conventional search engines. Smaller Darknets consist of friend-to-friend and peer-to-peer networks, while larger Darknets consist of popular software and services like Tor, Riffle, I2P, and Freenet.

Both individuals and organizations are active on the Deep Web and operate within Darknets. Darknet users often refer to regular web content as Surface Web content or ‘’Clearnet.’’ The term Clearnet refers to the unencrypted nature of this type of internet content.

Darknet and Dark web content is only findable through Tor or Onionland. This technique, called onion routing, anonymizes traffic by using the network’s native top-level domain suffix .onion.

Who Founded the Darknet and What Was the Vision Behind It?

The term Deep web began to circulate in early 2000 with the release of Freenet, which was a thesis project of Ian Clarke, a student at the University of Edinburgh, who set out to create a ‘’Distributed Decentralised Information Storage and Retrieval System.’’

Clarke’s vision was to form a new way to communicate and share files online. The basis for this would later be The Tor Project, which was released in mid-2002, with its own browser launching in 2008, running by onion routing.

The inner workings of Tor, also known as ''onion routing'', was developed in the mid-1990s by researchers of the United States Naval Research Laboratory Paul Syverson, Michael G. Reed, and David Goldschlag to protect American intelligence communications online.

With the Tor Project up and running, users could now browse the internet completely anonymously and visit websites on the ‘’Darknet.’’

Content, Tools, and Services Available on the Darknet

Through Tor, the most significant part of Darknet content available consists of child pornography, closely followed by black markets, which are online marketplaces where users can buy and sell drugs, weapons, and other illicit goods.

Apart from child pornography and black markets, the Darknet also contains botnet operations, whistleblowing sites, political discussion forums, sites associated with Bitcoin, fraud-related services, murder-for-hire, and mail-order services.

It is estimated that there are about 76,300 .onion sites, with 18,000 of them having original content. According to a study done by researchers at King’s College London in February 2016 gives the following breakdown of content, tools, and services available on the Darknet, showing the illicit use of .onion material.

Botnets

Botnets use command-and-control servers using censorship-resistant protocols, creating significant amounts of bot-related traffic. These botnets can also perform distributed denial-of-service (DDoS) attacks, steal data, send spam, and allow hackers and other cybercriminals to access the device and its internet connection. The word ‘’botnet’’ is a portmanteau of the words ‘’network’’ and ‘’robot.’’

Ransomware

Many Darknet sites are dedicated to extortion-related services. Ransomware is illicit software that is installed on a target’s device and locks them out until a certain ransom is paid. If the victim decides not to pay the ransom, the data might be sold on data sales sites or made public via data repository sites.

Darknet Marketplaces

Commercially operating Darknet marketplaces facilitate illegal goods transactions and usually use cryptocurrencies, such as Bitcoin, Litecoin, and Monero, as payment. Silk Road and the Diabolus Market were the biggest illicit goods marketplaces and are both seized by legal authorities as of today.

Silk Road was undoubtedly the first significant Darknet marketplace on the Deep web. It first emerged in 2011 and allowed users to trade weapons, drugs, and identity fraud resources. It was founded by Ross Ulbricht, whose vision was to ‘’create a website where people could buy anything anonymously, with no trail whatsoever that could lead back to them.’’

According to his ex-girlfriend, Ulbricht said something about the Silk Road in Asia and what an extensive network it was, that he wanted to create something similar, and that he wished to ‘’use economic theory as a means to abolish the use of coercion and aggression amongst mankind.’’

Silk Road used data encryption and traffic rerouting services through intermediary servers to anonymize its source and destination Internet Protocol addresses. As a Tor site, Silk Road’s IP addresses and location were completely concealed.

The main currency used at Silk Road was Bitcoin, with all transactions being logged in a public ledger called the blockchain. Users who refrained from attaching their real, legal names to their Bitcoin wallets by using no-KYC wallet services were able to conduct business almost fully anonymously.

On the first of October, 2013, the Federal Bureau of Investigation (FBI) arrested Ross Ulbright in the San Francisco Public Library and accused him of being the Mastermind behind Silk Road. While Ross was being arrested, two agents pretending to be quarreling lovers distracted him so that he could not encrypt or delete any files on the laptop he was using to run the site.

During Ross’s arrest, agent Thomas Kiernan inserted an external USB flash drive loaded with special software into the laptop, which copied crucial files and data within seconds. As a result of Kiernan’s findings, Ulbricht was ordered held without bail.

When Ross Ulbricht was arrested by Homeland Security Investigations (HSI), he allegedly planned to hire a hitman to kill six people. However, these charges were later dropped.

As of 2024, around 40 active Darknet marketplaces are estimated to be operating within the Deep Web, with possibly even more. Each of these Darknet marketplaces functions similarly to eBay or Craigslist, where users can interact with each other and review each other’s products.

Hoaxes and Unverified Content

Just like the rest of the internet, the Deep Web is rife with hoaxes and unverified content. For instance, there have been reports of hitmen for hire and even crowdfunded assassinations. However, these are mostly scams.

Many people believe that one can find live murder on the Darknet and Deep Web. However, these are just urban legends, and the term ‘’Red Room’’ is just a legend of the same name, with evidence pointing towards all reported instances being complete hoaxes.

In June 2015, the YouTube channel Obscure Horror Corner claimed they found an indie game called Sad Satanon the Darknet. The game allegedly would slowly take over the device it was played on. However, the channel’s reporting was inconsistent, leading many to believe it was a hoax.

Social Media

Part of the Deep Web consists of Darknet social media networks, also called Dark Web Social Networks (DWSNs). These Dark Web Social Networks function like traditional Clearnet social networking sites, where members can customize their profile pages, make friends, like posts, and participate in forum communications.

Meta (formerly Facebook) has begun to create a dark-web version of its website that is accessible to as many people globally as possible. The privacy policies of most DWSNs require that users reveal no personal information and that they stay completely anonymous.

Terrorism

Just like regular groups, terrorist groups have been active on the Internet since the early 1990s. The Deep Web and its respective Darknets attracted these types of organizations because of their high level of anonymity, lack of social interaction and regulation, and ease of accessibility. These groups share How-to guides, terrorist propaganda, guiding information, and funding.

Hacking Groups and Services

On the Deep Web and its respective Darknets, you are able to find many hackers that sell their services either individually or part of greater hacker and cybercrime groups. Examples of well-known hacker organizations are xDedic, Trojanforge, Mazafaka, Dark0de, hackforum, and TheRealDeal Darknet marketplace.

These hackers and cybercriminals provide hacking services for banks and other financial institutions and have been known to track down and extort alleged pedophiles. Additionally, you can encounter scam .onion sites that appear to hand out free downloads or software but are infected with backdoors or trojan horses instead.

Illegal Pornography

The most popular and rampant content on the Deep Web and its respective Darknets is illegal pornography—or child pornography in particular. Allegedly, most of all Deep Web traffic is related to accessing child pornography, although it is difficult to find. The most significant Deep Web website in this genre was Lolita City, which hosted over 100 gigabytes of child pornography and had over fifteen thousand active members.

Other examples of large Deep Web child pornographic media distributing websites include Playpen and Boystown, which had 200,000 and 400,000 registered users, respectively. Apart from child pornography, other types of illegal pornography also circulate on the Deep Web, such as the sexualized torture and killing of animals and revenge porn.

Financing and Fraud

According to extensive research done by companies like Zebryx Consulting and Flashpoint, there are various carding forums, and Bitcoin and PayPal trading websites on the Deep Web, which provide fraud and counterfeiting services, among others.

It must be stipulated that most of these sites are scams themselves. They conduct phishing via cloned websites and advertise Darknet marketplaces with fraudulent URLs, leading to malware, ransomware, and other viruses.

Bitcoin Services

On Deep Web and Darknet sites, Bitcoin is the most predominant currency, mainly due to its relatively anonymous nature. One of the most common ways bitcoins were anonymously exchanged back in the day was by using a digital currency exchange service, which converted Bitcoin to online game currencies, such as gold coins in Runescape or World of Warcraft.

At a later stage, these online game currencies would be converted back into fiat currencies, such as U.S. dollars, European euros, or British Pound Sterling. Alternatively, Bitcoin tumblers were being used, allowing users to swap Bitcoin for countless other, lesser-known cryptocurrencies within seconds, obscuring their real, actual source.

Journalism

Most journalists, educators, researchers, and news organizations are also active on the Deep Web and its respective Darknets. Media coverage on the Deep Web mainly stipulates the power and freedom of speech and reaffirms the illegality of its content, such as the barter of illicit goods and distribution of illegal pornography.

What

The Onion Routing Project

When people ask: What is the Darknet? Or What is the Deep Web? You simply tell them that the Deep web consists of many Darknet sites, which can be accessed through networks like The Onion Routing Project, better known as Tor. All domains and content hosted on this network can only be found on .onion URLs.

Tor works by creating encrypted pathways and entry points for its users, allowing them to conduct Deep web searches and conduct business completely anonymously. Because of Tor’s layered encryption system, the locations and identities of Darknet users cannot be backtracked.

The layered encryption systems work through the use of a large number of intermediate servers, also called ‘’relays or nodes’’ which safeguard user’s anonymity and identities. All data sent back and forth can only be decrypted by a subsequent node in the system, which ultimately leads to the exit node, which is the only node that decrypt the final layer of encryption and reveals the actual data.

This complex system using multiple nodes and relays makes it virtually impossible to reproduce the original node path and decrypt the information layer by layer, just like an onion, hence the name The Onion Routing Project.

One of the most crucial aspects of the Deep Web and its Darknets is the high level of encryption, which disables websites from tracking geolocation and IP data from its users, while users aren’t able to get any information about the host. For this reason, the communication and interactions between Deep web and Darknet users are highly encrypted, allowing them to blog, talk, and share files anonymously and confidentially.

The Differences Between the Darknet and the Deep Web

Many people often wrongly confuse the Darknet with the Deep web and vice versa. The term Darknet has more popularity since the rise of Bitcoin and Dark Web markets like Silk Road after 2009. However, it is unknown when the first Darknet actually first emerged.

Most internet users just use the surface web, which is content that can be accessed through any typical web browser and found by any conventional search engine, such as Google, Bing, or Yahoo.

It is to be understood that the Darknet comprises only a small part of the greater Deep Web and requires special software to access. The confusion between the two terms arose as early as late 2009. Ever since, especially in Silk Road reporting, the two terms have often been confused and misused, although many recommended that they should be distinguished individually.

What is the Darknet? - List of Most Commonly Used Darknet Sites

The Hidden Wiki - The Deep Web’s alternate Wikipedia, operating as a Tor service providing a directory of links to other .onion sites, including links to money laundering, contract killing, cyber-attacks for hire, contraband chemicals, and bomb-making sites. The first Hidden Wiki was located at 6sxoyfb3h2nvok2d.onion in 2007, whilst in 2014, the domain was hacked and redirected to Doxbin from kpvz7ki2v5agwt35.onion.

ProPublica - ProPublica is a non-profit, Pulitzer Prize-winning news organization that highlights power abuses and public trust issues. Its investigative journalism makes it target for the rich and powerful, which is why they base themselves on the Darknet to assist journalists and readers access their content and avoid being tracked or taken down.

Proton Mail - Proton Mail, previously known and written as ProtonMail, is a Switzerland-based end-to-end encrypted email service, founded in 2013. Client-side encryption software protects email content and user data, unlike conventional email service providers such as Outlook.com, Gmail, and Yahoo.

Whistleblower Aid - Whistleblower Aid is a non-profit legal assistance organization that operates in both the government and private sector and provides free legal services, support, and security services to help whistleblowers. A famous whistleblower that was protected by the organization recently was Joohn Choe, whose complaints allege that Facebook’s parent company, Meta, wilfully violated U.S. government sanctions on pro-Russian rebels, allowing them to spread misinformation and propaganda on the social media platform.

Facebook onion address - Through the Facebook onion address, to be found at facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion, Deep Web users can access Facebook or Meta through the Tor protocol, using its .onion URL. It is particularly useful to visit the Facebook onion address if you live in a country where journalism is censored.

The Darknet and Silk Road as Proof of Concept for Bitcoin in the Early Days

As The Silk Road ran from January 2011 to October 2013, being a $200 million operation at its peak, its hotbed of illegal activity served as as one of the initial use cases for Bitcoin and cryptocurrency in general.

Silk Road undoubtedly proved that there was a market for secure and anonymous transactions based on blockchain ledgers and using cryptocurrencies. As the Silk Road referred to the ancient trans-Eurasian trade route, bringing together many cultures and ideas in a relatively peaceful manner, its founder, Ross Ulbricht, also called ‘’Dread Pirate Roberts’’ failed to emulate this ethos.

As Proof of Concept (PoC) is defined as a crucial consensus mechanism in the world of cryptocurrencies and decentralized networks, Silk Road definitely functioned as one for Bitcoin in its early days because it served as a first real marketplace, where cryptocurrencies (Bitcoin in this case), could be traded for physical (illicit) goods.

Pros and Cons of the Deep Web and Darknet

The Deep Web and Darknet help people to maintain their privacy and freely express their views. Privacy is taken into high regard and is essential for many innocent people who are terrorized by criminals, stalkers, and offensive governments. The popularity of the Deep Web and Darknet amongst criminals makes it the most obvious place for undercover police officers to find and bust hackers and other cybercriminals.

However, people with ill intentions might abuse the power of the Deep Web and Darknet to ease their criminal activities and communications. Although the Deep Web and Darknet can secure the privacy of their users, they can also be used to violate the privacy of other users.

Private photos, videos, medical records, and financial data can be stolen and shared on the Deep Web and Darknet, so be careful with what you share on both Clearnet and Deep Web sites.

What is the Darknet? - Conclusion

If our experts had to answer the question: What is the Darknet? They would state that the Darknet is an overlay network within the traditional internet or Clearnet that can only be accessed with specific software, authorization, or configurations, such as the Tor Onion web browser.

In short, we can say that the Darknet and the Tor browser are powerful tools with a rich history so far that have had a significant impact on society and can be used for many purposes. Some of them are bad, and others are good.