The Asian Dark Web – An Inside Look

The Asian Dark Web is one of the most difficult to penetrate.  “Many people have heard of it, while some might even have the courage to install the TOR browser and visit the dark web for themselves. Whether you’ve visited the dark web or not, it’s important to understand how it’s used by cybercriminals and different underground communities so that you can leverage it as a source of threat intelligence,” explains Itay Kozuch, Director of Threat Research at global threat intelligence firm, IntSights, in a report released today.  The InSights report describes the nuances of the Asian Dark Web.  Timed to coincide with Itay’s briefing at Black Hat, “Dark Side of Asia,” the report reveals which countries are starting to make a dent in the Dark Web.

In anticipation of the release of InSights’ report, Brilliance Security Magazine spoke with Itay and received a virtual tour of the Asian Dark Web for ourselves.

We began our foray into the Asian Dark Web by visiting a Chinese site called The Hidden Wiki.  Once translated into English, we could see offerings for just about any ill-gotten gain one could want.

After looking around The Hidden Wiki for a bit, Itay guided us to another Chinese site named Mushroom.  Mushroom is a cannabis lovers haven.  Here you can purchase a potpourri of cannabis products.

Next, we were off to a site specifically designed to sell DDoS services.  This professionally designed site looked like any other online market, but each service offered was some variation of an attack.

Our next stop was what appeared to be a Japanese site that offered cash for Intelligence.  Itay warned that this site was likely not actually a Japanese site, but used that appearance to mask their real origins.  Any kind of intelligence, military, scientific, intellectual property, commercial, social, or political information was solicited.

Itay then steered us to a Japanese Anonymous Group site.  As you might expect, this site encouraged those visiting the site to join and contribute to their various causes.

We then perused a site where all kinds of stolen databases were offered for free.  Even what, at face value, claimed to be an solen FBI database was downloadable.

Then on to Indonesia where we stopped by to see Hacktivus Indonesia where most any imaginable malware could be downloaded, complete with instructions of how to deploy the attack.

There were more, but you certainly get the idea by now.  The Asian Dark Web is growing, even flourishing.  But it’s not just one big “thing.”  Each country has subtle differences.  Itay points out, “When you visit another country, you often need to adjust to new cultural differences and norms. The same goes for visiting other countries’ underground Internet communities. Each country has their own “dark web culture” that you must adhere to and laws that govern them. Being fluent in the language is not enough, you must know the jargon and rules of engagement for each country or else you’ll be kicked out.”

In the IntSights report you will learn about the nuances relative to each country or region.

You can download the full report here.

Steven Bowcut, CPP, PSP is the Editor-in-Chief for Brilliance Security Magazine.