I previously wrote about Dark Web markets. It’s one of the main types of sites on the Dark Web where people go to buy and sell illegal things. Not all activity on the Dark Web or “darknet” is illegal. The darknet is simply a part of the internet which is only accessible through encrypted proxy networks, namely Tor and I2P. Mainstream companies and organizations such as Facebook and the BBC also have a presence on these networks. Access to encryption and privacy benefits good people doing good things as much as it does bad people doing bad things. These technologies are simply cybersecurity tools which can be used in a multitude of different ways.
But indeed, because of how Tor and I2P obfuscate the IP addresses and MAC addresses people use (and therefore make identifying cybercriminals a lot more difficult), they facilitate crime. That being said, I strongly support the legality of Tor and I2P technology. Just because arsonists exist, doesn’t mean lighters and matches should be banned.
Our readers love learning about the intriguing internet underground of the darknet. I enjoy doing cyber threat intel research there, I learn more and more everyday. So it’s time for another topic of fascination, the Dread forums.
Dark Web markets are based on the eBay model of online retail. I must emphasize that there is no connection between the eBay corporation and darknet markets. Cybercriminals have simply replicated some of eBay’s mechanics, but for selling illegal products and services rather than things which are lawful to buy. eBay doesn’t directly sell video game consoles and shoes, they provide a platform for vendors to sell those things. In the same way, the administrators of darknet markets don’t directly sell illegal drugs and malware, they provide the platform. Vendors and sellers develop a reputation based on their honesty. If they don’t sell what they say they sell, their reputation takes a hit.
Just as darknet markets are based on the eBay model, Dread is based on the Reddit model. Anyone can make their own subreddit (or subdread). Moderators control what type of posts are allowed, and they can ban users from their subreddit or subdread if they think they’re a jerk or breaking their rules. Subreddits and subdreads are usually based on areas of interest. Most subs never become popular, but a handful can have millions of active users. And there is no connection between the corporation which owns Reddit and the administrators of Dread. The latter simply found a model that works and replicated it.
As Dread benefits from the anonymization of being on the Tor network, many popular subdreads are about illegal or otherwise controversial topics. Cybercriminals do indeed discuss their activities in some subdreads. But Dread also has a number of innocuous subs. Dread has subs about how to engage in financial crime and subs about popular video games alike.
If you do the sort of work that I do, investigating cyber threats for banks, Dread can be a treasure trove for your OSINT research.
Like most Dark Web stuff, details about how Dread was formed are difficult to find. Darknetlive.com probably has the most comprehensive description you can find without having to do too much digging:
“Dread is an onion based free speech platform and forum, where you can post, comment and share among tonnes of different communities.
It was developed by /u/HugBunter in early 2018 and launched on February 15th.
Following a month of down time from the 23rd of April, the platform was redeveloped to be a lot more stable, with the backbone and UI completely re-imagined to allow for more flexibility, based on the mistakes that were made in the first iteration.”
If you’re an adult and you want to get into exploring the Dark Web the legal and safe way, check out How to Explore the Dark Web.
Hack The Box has a forum on the real Reddit! It’s mainly run by our loyal fans. We love it.
I wrote about the life and death of Dark Web markets recently. Lots of fascinating history is there.
The Dark Web is just one of many different sources of OSINT research. Check out my interview with Senior Training Developer Valentin Dobrykov (Cry0l1t3), who created our OSINT: Corporate Recon course in HTB Academy.