If you must explore the depths of the darknet, access it more safely

The darknet: a mysterious online world shrouded in secrecy or the gloomy underbelly of the internet where criminality runs amok? Hop in our watertight sub and join us as we explore its depths, examine its murky reputation, and dive deeper to answer all your questions: What exactly is it? How can you access it? Why do people use it and is darknet site surfing legal? Whether you decide the dark side is for you or not, make sure you have a trusted online security and privacy solution in place, like Avira Free Security. 

What is the darknet? 

Imagine the virtual world as a vast ocean of information and data. What most of us think of as the World Wide Web is in fact only the ‘surface’ (also known as the ‘open’ or ‘clear’) web and is quite literally just the tip of the web ‘iceberg’. Below the surface sits the ‘deep web’ and within this, lies the ‘dark web’, also known as the ‘darknet’.  

Here in the depths of the internet, the darknet and its sites attract shoals of visitors, including those seeking safety from persecution and users accessing legitimate private members clubs and networks. The deepest end of the spectrum is where the darknet earns its fearsome reputation as a digital black market for all the illegal goods you can imagine: Drugs, weapons, viruses and malware, contract killers, poison, credit card numbers, and so on. Read on for what you need to know about the darknet in a nutshell, including what it’s used for and what a visitor should beware of.

How do you access the darknet? 

The darknet is an intentionally isolated, hidden part of the internet. Websites on the surface web are ‘indexed’ which allows people to search for results on them using regular web browsers and search engines such as Google. Darknet sites are not indexed so cannot be accessed via regular browsers. Instead, they use information from individual email or social media accounts, databases and documents to grant users access. These users communicate with each other through an encrypted peer-to-peer (computer) network connection, or by using an overlay network such as ‘Tor’, the most well-known browser specially developed for the darknet. Once in, users can then browse the darknet using dark web search engines.  

Tor, short for ‘The Onion Router’, is often considered the best darknet browser. It ensures complete anonymity on the darknet by relaying traffic and, as its allium-based name suggests, encrypting it with multiple layers (three virtual onion skins to be precise) as it passes over its network. This encryption of all data, including IP addresses, ensures it is invisible to search engines and authorities alike so that users cannot be tracked. This makes it the perfect hiding place for anyone not wanting to be found, for whatever reason.

Those wishing to enter the darknet site via a regular browser, will need to use a service called ‘Tor2Web’. These website domain names end in onion.ly so they’re easily recognizable, but potential users might want to think twice and proceed with extreme caution as these sites are usually used by ransomware groups to redirect victims with infected devices to their ransom demands. 

What’s the difference between the dark web vs deep web? 

The terms ‘deep web’ and ‘dark web’ (or ‘darknet’) might sound alike and are sometimes used interchangeably, but they are not the same. Think back to that iceberg. As online services have grown, most people now surf the ‘clear’ or ‘open’ surface layer of the internet to manage their everyday life: banking, shopping, researching, streaming etc. It’s a very thin layer and is generally estimated to make up just 10% of the internet. 

Sitting directly below the surface web we all know so well, is the remaining 90%: The ‘deep web’, which has two distinguishable parts to it. The majority of it contains web pages which are not indexed and therefore not accessible by search engines but have a legitimate purpose and can be accessed if you know the relevant internet address. This can include anything behind a paywall or requiring sign-in credentials (eg. corporate networks, company intranet sites, medical records, university, or research institute databases etc.) or any content that its owners have blocked web crawlers from indexing. 

Lurking at the darkest depths of the deep web, is the ‘dark web’ or ‘darknet’ which makes up around 0.01% of the deep web. 

Where did the darknet come from? 

Illegal activities and shady backroom deals are nothing new and as far back as the 1970s, an early incarnation of the internet (the “ARPANET“) was being used to coordinate the sale of cannabis by students at Stanford University and the Massachusetts Institute of Technology. However, the darknet as we know it today began in September 2002 when the US Naval Research Laboratory developed a rudimentary version of the Tor browser to disguise users’ IP addresses and maintain their anonymity for national security purposes. Whilst it was taken advantage of by some hardcore tech-savvy criminals, it was still mainly a digital playground for so-called computer geeks. However, the introduction of Bitcoin in 2009 helped transform the dark web into a haven for criminals, and in turn contributed to Silk Road, the first darknet market created in 2011.  

What is a darknet market? 

Darknet markets are black markets that offer illicit goods for sale, often using cryptocurrencies as a method of payment. Although some legal products may be available, their ‘bread and butter’ is the sale of illegal drugs and it’s common to find other prohibited items such as stolen data and weapons. Like their more reputable cousins eBay and Amazon on the surface, darknet marketplaces have user review systems, but that’s where the similarities end. Their real success comes from the darknet markets’ anonymized transactions. These take place via a cryptocurrency such as Bitcoin, using dark wallets to protect both the seller and buyer. The payment is held in Escrow by the site operator to discourage scammers (spoiler alert: it doesn’t) and the only exposed link in the chain is the actual shipping of the goods through the postal system. 

Silk Road was brazenly advertised as the ‘Amazon for drugs’ and quickly became popular with criminals for hosting money laundering activities and illegal drug transactions. It was shut down by the FBI within two years and its founder Ross Ulbricht imprisoned for life, but multiple other darknet markets have since sprung up due to their enormous potential for illegal trading.

Why do people use the darknet? 

There are many reasons why people may choose to enter the darknet and you shouldn’t automatically assume they are up to no good. Legitimate reasons include hosting any data that requires a level of security or privacy and there are multiple members clubs and social networks which users seek out on the darknet. Fancy joining “Blackbook” (the so-called “Facebook of Tor”) or perhaps a niche book or advanced chess club? If so, you could end up on the darknet even though you’re not a drug lord.  

And let’s not forget Tor’s company mission: “We believe everyone should be able to explore the internet with privacy. We are the Tor Project, a 501©(3) US non profit. We advance human rights and defend your privacy online through free software and open networks”. You can start to understand this a little better when you consider the needs of citizens in war-torn regions or countries where freedom of expression is restricted.   

However, thanks to its encrypted cloak of invisibility, the darknet inevitably attracts some of the shadier sides of life, although opinions are divided as to the scale of it. In 2019, a study at the University of Surrey found that the number of dark web listings that could harm an enterprise was on the rise, with as many as 60% of all listings (excluding those selling drugs) being potentially capable of harming enterprises.  

According to German data company, Statista, the number of Tor browser users worldwide peaked in September 2023, reaching nearly 7.48 million. While this might sound vast, it’s still a drop in the digital ocean of the estimated total of 5.35 billion internet users worldwide in 2024. Curious where most Tor users come from? According to Tor’s own metrics, you may be surprised to hear that over half are from Germany!  

So, what are users doing on the darknet that they shouldn’t? The less virtuous visitors are usually looking to buy or sell any of the following: 

• Illegal drugs 
• Weapons 
• Stolen personal data such as credit card numbers or email account logins 
• Illegal content such as child sexual abuse material 
• Counterfeit money 
• Hacked enterprise accounts 
• Software and services to carry out cybercrimes such as ransomware attacks or phishing attacks 

Whichever way you look at it, it’s clear that the darknet offers opportunities to many, be they regular citizens or hackers and cybercriminals. You can help protect your data against theft, phishing or browser hijacks with Avira Secure Browser: It comes with an ad blocker and privacy cleaner (to help wipe away your browsing history and other digital remnants), plus anti-fingerprinting and anti-tracking technology. 

How do cybercriminals benefit from the darknet?  

Alongside the sale of illegal ‘stuff’, cybercrime is also big business on the darknet and poses a particularly serious threat to regular daily life. But what are people trading? If you’re in the market to buy someone else’s data, the ‘Dark Web Price Index’ reveals the dark market value of leaked data following a hack:  

• A cloned credit card with pin could be yours for a mere $20 
• Credit card data will set a buyer back between $80-120, depending on the bank balance 

And it’s not just plastic, darknet traders have social media interests covered as well:  

• Logins for a Facebook account cost $45 
• A Gmail account costs $65  
• 1,000 followers and likes for social media platforms can cost $1-10  

Unfortunately, that’s not all. Malware is also easily available for purchase and is used by cybercriminals to access account details or for activities such as cryptomining. The price will depend on the target country and quality of the malware but can range from $45 right up to $5,500. It’s a highly lucrative industry and one that is not likely to end any time soon. 

How can you spot a darknet website? 

So, what does a darknet website look like? Darknet websites look very similar to any other website but there are some key differences. Instead of ending in .com or .co like a surface website, darknet sites end in .onion or .onion.ly. Darknet websites also use a scrambled naming structure that creates URLS that are often impossible to find or remember. As an example, the URL for the popular commerce site Dream Market is in fact the catchy “eajwlvm3z2lcca76.onion”. But a visitor may not get the chance to become too familiar with even the most well-established sites. Many darknet sites are set up by scammers who are constantly on the move to avoid detection, so darknet sites can often suddenly disappear when their owners decide to cash in and flee with the escrow money they’re holding on behalf of customers. 

Is the darknet dangerous or illegal? 

It’s fair to say that if you need anonymity because you’re facing persecution or fighting for free speech in an authoritarian regime, then the darknet would appear a safer place than the surface web. And of course, regular users are not automatically surfing in a lawless space when they use Tor to access the darknet. There’s plenty to learn about privacy protection or cryptocurrency on there, law enforcement agencies use it to look for data stolen from security breaches and many mainstream media organizations monitor whistleblower sites looking for news. 

But wait, the curious should nott relax on their metaphorical lilo and cruise straight on in there. Visitors should Enter the darknet at their peril! Despite its relatively diminutive size, the darknet is still a hotbed of criminal and illegal activity and accessing it or using the content, tools or services in it can be extremely dangerous for both individuals and enterprises. Illegal and disturbing content flows throughout while infected websites lie in wait to snare you in their malware nets. Law enforcement authorities regularly shut down illegal sites and reveal site visitors’ identities to try to deter others. The darknet is not illegal in itself, but simply visiting some darknet sites is punishable by law. And in some countries, a visitor will catch the attention of authorities by just downloading Tor. 

You’re better off on the surface web where the light of online regulations can still shine! Wherever you browse or connect, always have the following in place: 

• Install reputable anti-malware like Avira Free Antivirus to help shield your data and device from all types of malware, even zero-day threats.  
• Choose strong, unique passwords for all your online accounts and store and manage these more securely with a Password Manager. If possible, enable multi-factor authentication.  
• Help encrypt your communications with a VPN like free Avira Phantom VPN, especially if you’re using public Wi-Fi.  
• Use a Software Updater to help keep your browser, applications, and operating systems up to date so they’re fully patched against security loopholes that may be known to hackers.  
• Practice safe online habits and never click on unknown links or download attachments from unverified sources. Limit your surfing to more securely encrypted HTTPS websites only—look out for the lock symbol next to the URL.  

Choose a multipronged online solution  

We strongly recommend confining all surfing to the surface web—and help secure your data, online identity, and devices with a multi-layered solution like Avira Free Security. It blends performance, online privacy, and online protection into a single (free!) app. The integrated Software Updater, VPN, Password Manager, and more, create the convenient and trusted foundation on which to build a safer digital life.