After describing Tor in detail, let’s go back to talking about Deep Web and Dark Web. The question that is typically asked is, “How big is the Dark web?”.
Hard to know, but it’s believed that the Surface web accounts for less than 5% of the entire web. Taking into account that the pages indexed by Google were 1 trillion (one trillion) in 2008, they grew to 30,000 Billion (30 trillion) in 2013, four years later (2017) they became 130 trillion (data from www.statisticbrain.com and from The official Google Search blog), to have the size of the Deep Web we must – probably – multiply these numbers by at least 50 times. So what we use of the Net (the Surface Web) is only a very small fraction.
In fact, there are conflicting opinions on this topic: not everyone agrees that the Deep Web is so redundant compared to the surface web.
A different representation of the Dark web (which one will be the real one?)
What there seems to be no doubt about is that the Dark Web is instead very small: it is believed (but it is a very rough estimate) that it contains no more than 100,000 sites, which probably represent less than 0.005% of the size of the entire World Wide Web. The graph in Figure 7, taken from https://metrics.torproject.org depicts the number of unique .onion addresses on the Tor network.
Unique .onion addresses on the Tor network (period 2010-2020)
In reality, the active .onion sites could be much less: these are sites that are very “volatile”, because they are born and disappear quickly (often closed by the police). So difficult to census, but someone has tried to do it and here I summarize the results.
•Linguistically, Tor sites (.onion) are more homogeneous than the surface web with 86% of sites having English as their main language, followed by Russian with 2.8% and German with 1.6%.
•Numbers of visits: while in the surface web, the most popular sites attract millions of visits, in .onion sites the one with the highest number of incoming links was a black market with about 3,585 inbound links.
•Average life of .onion sites: The results of a 2017 Onionscan report reports that out of 30,000 sites surveyed, just over 4,400 were actually online. Although these analyses have a high level of uncertainty, we can say that the “ratio of living to dead” continues to be similar to that of other previous research, with just 15% of .onion sites alive.
The Black Markets of the Dark Web
The most widespread – and profitable! – activity on the Dark Web is black market, where you can buy drugs, weapons, fake documents and other illegal items. Beneath the surface of the web you can really find everything: from child pornography sites, to those where hitmen are hired to commission murders. Obviously in this “world” the current currency is bitcoin, a cryptocurrency whose transactions are tracked anonymously. In this site you can find the real-time quotation of Bitcoin. It’s no secret that the dark web is famous for its markets, where hundreds of thousands of sellers sell illegal goods. There are markets that can be called scam projects that do not sell anything but pretend to sell. Sometimes they can take very good and high-quality photos of goods that they allegedly sell. Buyers of dark web markets are already tired of being deceived every time as there are many more scam projects than real markets. People create sites such as dark web scam list and publish there sites that deceive people.
But it is impossible to believe every dark web scam list because they also can be fake.In this article you will also see examples of not entirely honest lists of scam projects.
The configuration console of a Ransomware as a Service
Then it can download and circulate the ransomware thus purchased. Another Raas platform is RaaSberry, which provides custom ransomware packages ready to be deployed. Not only that: with carefully designed marketing policies, the creators of RaaSberry offer differentiated packages that include, for each plan, the same ransomware but a different subscription time to the C&C (Command and Control) server.
The Dark Web also has available rental botnets for Distributed Denial of Service (DDoS) attacks.
On the one hand there are those who have control of the botnet, on the other those who want to use its computing power for almost never lawful purposes. Someone has compared it to a kind of “rental with driver”, because generally those who rent the botnet continue to maintain control.
the cost of “renting” for a DDoS attack can range from the very modest figure of $5 for a 5-minute attack, to $400 for a 24-hour attack. The average cost is about $25 per hour.
In practice, the illegal version of the “Infrastructure as a service” model is realized.
The risk of Crime-as-a-Service is that these types of threats will become all too easy for anyone to exploit. This is lowering the threshold for cybercrime: you will no longer need to be an experienced hacker to extort ransomware or other attacks.