Week 3 - The Dark Web Flashcards
List the ‘safety considerations’ / dos and don’ts when using Tor
When using Tor
- Don’t have a clear web browser open
- Don’t maximise your screen (this doesn’t matter anymore - they have introduced padding to stop it reading your screen resolution)
- Don’t use screen capturing software / add-ons unless you are aware of the implications
- Don’t use a VM (leaks that you are using one & you want to appear like a regular user)
- Don’t right click and save images
- Do use ‘ctrl prt sc’ / snipping tool
- Do disable JavaScript on Tor in the settings
- Do use the refresh function to refresh your IP regularly when visiting different sites.
How to find what you want on the Dark Web
Need to use ‘directories’ to help us. Sites like Hidden Wiki, dark.fail or torch are all examples. Not a complete list of all sites but a helpful guide. But how do I find this?
Use a clear web search first to find the current onion links for dark web directories like hidden wiki. Don’t click on the links on the clear web though! Copy and paste the ones you want into offline storage (like a txt file).
Use this directory to find onion links for marketplaces / topics you want.
Confirm the marketplace link with a PGP key so you don’t accidentally use a phishing link.
Check reliability of the marketplace by looking at reviews on clear and dark web. Read all their info - reviews, ‘about us’, ‘op sec’ etc.
Use ‘Dread’ also to check validity / reliability of marketplaces and vendors.
Create an account using anonymous / generic details
Find a seller - do the same for the seller and read vendor feedback in random order. Use a seller that uses ESCROW (see next card).
Payments on dark web marketplaces - how they work
History of rug pulls / exit scams by marketplaces; also vendors may ‘scam’ you by taking money and not providing the goods. So how do we stay safe?
ESCROW. This is the process whereby payments between a seller and a buyer are managed by a third party.
The funds are held ‘in escrow’ & released to the seller once the buyer has received their items.
However, the funds are managed by the marketplace (do we trust them?). There has been a history of stealing customer funds (exit scams).
Different types of payment processes:
DIRECT DEAL / FINALISE EARLY
- No marketplace involvement in the financial transaction. Payment up front from buyer to seller before goods are delivered. Some escrow marketplaces allow trusted vendors to do this.
MULTISIG
- More complex & more advanced than escrow. Uses public key system between 3 parties - the buyer, the vendor & marketplace. Need 2 of these 3 public keys to ‘unlock’ the payment. Only secure if the vendor & the marketplace are not the same person.
What is PGP (Pretty Good Privacy) & what does it do on the dark web?
PGP is an encryption program that provides cryptographic privacy.
2 main functions on the dark web:
- Allows users to verify communication between buyer and vendor (check authenticity of messages)
- Allows users to verify whether a marketplace link is legitimate and not a phishing site.
How to set up a crypto wallet to make a payment on a dark web marketplace
- Start with a Coinbase account. This is attributable to you!!! Do not link this to the dark web marketplaces. If you really want to be truly anonymous buy the crypto from an online exchange not Coinbase.
- Set up an anonymous electronic wallet like Wasabi.
- Put funds from Coinbase into this wallet. Then mix it and create different wallets within Wasabi for different purposes.
- Link one of these wallets to your marketplace account to purchase with
Investigation Techniques for Dark Web Marketplace Vendors
- Use OSINT to research the vendor’s username / profile image on the clear web / platforms like Telegram / TikTok / Snapchat / Instagram. Search the clear web on their key phrases / slang and descriptions. Look for unique / wrong spelling and grammar. Can we build a profile of known information on this vendor? Read vendor feedback to assist. INFORMATION THEORY
- Exploit postal tracking services. E.g. can you get tracking numbers for Tor IP addresses?
- UC tactics. Controlled purchases / infiltration