Kategorie: darknet markets

Dark web websites: 10 Onion sites to explore

darknet markets

Even browsing these sites can put you at risk of malware infections or attract unwanted attention from law enforcement. BidenCash became known for regularly leaking huge amounts of stolen credit card data and personal information — often for free. The goal is simple — make financial fraud easy and get as much attention as possible. Some now offer customer support, escrow systems to prevent fraud, and even user-friendly interfaces that make illegal trade feel strangely routine.

Insights and caveats from mining local and global temporal motifs in cryptocurrency transaction networks

ProPublica is an investigative news site owned by an independent nonprofit that exposes abuses of power and corruption. It hosts an onion site so people in countries with restricted press freedom can access its journalism, which covers everything from hacktivism to government repression. On the dark web, traffic is routed through multiple server nodes that don’t log activity, obscuring the user’s origin and enabling anonymous communication. Lawmakers and platforms alike will need to decide what responsibility they’re willing to accept. TRM Labs reported that TRON accounted for 58% of illicit crypto activity in 2024, followed by Ethereum at 24% and Bitcoin at 12%. By utilizing crypto transactions, these cartels can efficiently fund and facilitate the production of fentanyl, which is then trafficked into the United States, contributing to the ongoing opioid crisis.

The dangers of darknet marketplaces

Nexus Market is widely described as a second‑generation, general‑purpose dark‑web marketplace that gained traction through 2024–2025. Community trackers place its launch in late 2023 and note a focus on stability, moderation, and a familiar “escrow + vendor‑reputation” model typical of modern DNMs. Public sources also indicate support for both Bitcoin and privacy‑centric coins, aligning with broader ecosystem trends. To remain anonymous about your purchases on the dark web, always use cryptocurrency as your mode of payment. If a seller encourages you to opt for other well-known and commonly used payment methods, then the person is likely to be a scammer, and you must not make any deal with them. Despite using a VPN, there’s always a risk of the VPN leaking your IP address through DNS or WebRTC leaks or misconfigurations when on a dark web forum or marketplace.

Tweak Tor browser settings

When looking at darknet drug markets serving Russia-based customers, Kraken Market captured 30.9% of market share, with Blacksprut and Mega Darknet markets closely following. As for drug markets serving Western customers, ASAP Market held a 25.0% share, followed by Mega and Incognito. Western drug flows in particular come from US-domiciled exchanges and trace flows from those to darknet markets. The entity “DNM Aggregator” that appears within each category refers to a service we’ve identified as being in control of multiple, disparate darknet markets.

Security issues

  • Another key distinction is that access to darknet markets requires the use of special software such as the Onion Router, or TOR, which provides security and anonymity.
  • Such bans can influence users’ trust perceptions but do not mitigate the inherent risks of illicit-market environments.
  • Throughout the whole period of observation, the dominant category of buyers is market-U2U buyers followed by market-only buyers, representing on average 52% and 42% of all buyers, respectively.
  • Though Mega Darknet Market typically serves a Russian customer base, the drug revenue shown in the chart above likely came from customers based in Europe.
  • Established in 2022, WizardShop is one of the biggest data stores on the dark web, focusing mainly on carding and financial data.
  • In 2024, it recorded on-chain revenue of $43.3 million, a 183 per cent increase, driven by vendor migrations post-shutdown of competitors, according to Chainalysis’ 2023 market report Darknet revenue in 2023.

Every location where personal data is stored is a potential target for cybercriminals. Here are some methods to thwart unauthorized access to your data repositories. Fake online casinos and social networks are common methods for distributing malware. To avoid infection, it’s best to avoid downloading anything from untrusted sources or websites. Many people also prefer to buy goods and services online, which allows for more opportunities to steal people’s personal data and financial information. In one particularly devastating case, a man lost his entire $80,000 pension.

Implications for Security Leaders

Open‑source snapshots describe a broad vendor mix spanning drugs, fraud/financial items, counterfeits, and digital tools—the standard DNM catalog. These roundups stress that listing volumes and category prominence fluctuate over time. Abacus Market has emerged as one of the most reputable and widely used dark-web marketplaces in 2025.

Cryptocurrency Trading

Nonetheless, 2023 saw a rise in new types of scams, including romance scams — also known as pig butchering scams. These types of scams more than doubled in revenue year-over-year, with data indicating a growth of 85x since 2020. In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.

Verify Onion Links

Moreover, we find a change of trend between the seller and the buyer median net income time series which reflects the dominance of markets, as detailed in the next section. Conversely, transaction networks obtained from the blockchain contain the entire transaction data of the DWMs and U2U transactions, allowing a thorough investigation of the ecosystem as a whole. In fact, previous studies on DWM transaction networks have revealed crucial aspects of the ecosystem13,14,15. However, they have so far mainly focused on DWM users, without distinguishing between buyers and sellers, and neglecting the different weight that more active users may have in the system. The reason is that the operational structure of DWMs inherently hides the seller–buyer link, as all transactions are made through the marketplace. Buyers send money to the marketplace, which in turn sends the money to the seller.

Security Blogs

This is an outcome of the ecosystem’s resilience, largely supported by the migration of users15. Correspondingly, the multihoming activity is a mechanism that contributes to the ecosystem’s resilience. Because they darknet markets links are already active in more than one market, the migration cost for the multihomers is usually smaller compared to that for non-multihomer users, especially for sellers, that need to rebuilt their reputation23.

Crypto Data

These vendors provided the key ingredients for fentanyl, a synthetic opioid trafficked into the U.S. primarily by groups like the Sinaloa Cartel. Chainalysis had previously identified over $37.8 million in suspicious transfers involving suspected China-based chemical vendors. The availability of inexpensive drug precursor chemicals—primarily sourced from China—has further fueled the growth of these platforms. Watch our cyber team share their key insights from their investigations into the biggest dark web trends in 2022. Established in 2022, WizardShop is one of the biggest data stores on the dark web, focusing mainly on carding and financial data. In repressive regimes, darknets play a vital role in enabling free speech and access to uncensored information.

darknet markets

The Hidden Wiki

It runs on a rewritten version of the old Versus codebase, so the UI feels familiar but adds per-order “vendor bond staking” meant to reduce exit temptations. Discover how SentinelOne AI SIEM can transform your SOC into an autonomous powerhouse. Contact us today for a personalized demo and see the future of security in action. Predictive threat intelligence can help you stay ahead of emerging threats by forecasting what’s yet to come. See how the SentinelOne threat-hunting service WatchTower can surface greater insights and help you outpace attacks.

What is a darknet market?

  • Discover how SentinelOne AI SIEM can transform your SOC into an autonomous powerhouse.
  • It’s not as massive as Abacus, but quality’s on point—vendors deliver, and the community’s buzzing on Dread about it.
  • Platforms such as AlphaBay, Empire Market, and White House Market have set industry standards by prioritizing user safety and operational efficiency.
  • Looking closer at ASAP Market inflows, it won some share of revenue across all drug purchase types, receiving 37.1% of social supply, 35.7% of large retail, 16.5% of small retail, and 13.5% of wholesale purchases.
  • We showed that some of the links of this user-to-user (U2U) network are ephemeral while other persist in time.
  • These platforms are organized like common shopping websites, with product listings, prices, and seller profiles.

In many places, including the U.S., the UK, and the EU, accessing the dark web is legal for legitimate purposes. However, many sites on the dark web host illegal content or activities, and engaging with those can lead to serious legal consequences. In some countries, like Russia or China, dark web access itself may be blocked or penalized. ProPublica is one of the safer Tor sites to visit, because it doesn’t link to illegal content or activities. Instead, it focuses on publishing stories and holding powerful institutions accountable. Other major news sources blocked in some countries, like the BBC, also have dark web versions.

  • On Friday the 13th of January, the WayAway team hacked Solaris, taking advantage of a weakness in its coding, and shut it down.
  • The number of market-U2U and market-only buyers also drops as a consequence of operation Bayonet.
  • The list of sanctioned individuals linked to crypto includes the North Korean hacking group Kimsuky, crypto mixer Sinbad.io, Russian national Ekaterina Zhdanova and the Gaza-based MSB Buy Cash.
  • The platform also cares about its users and uses PGP encryption and two-factor authentication to secure their data and communication.
  • With an estimated market value of around $15 million, it has grown into a massive hub for cybercriminal activity.
  • WeTheNorth is a region-restricted marketplace that focuses on Canadian and North American buyers and vendors.
  • Decentralized messaging apps let vendors switch platforms easily and maintain privacy.
  • One of the most well-known technologies enabling darknets is the Tor network, which was developed by the U.S.

Using his credentials, cybercriminals committed a variety of online fraud activity over the course of six months. In 2019, the FBI started its investigation into Genesis Market and enlisted other government agencies and law enforcement organizations across the world, working towards the market’s closure on April 4, 2023. As part of the investigation, the Dutch National Police took the lead on cybercrime prevention, and Van Well shared his insight on the sophistication of the fraud shop’s operation. Another darknet market known for facilitating fentanyl sales to the United States was Canada-based AlphaBay. A once-sizable illicit enterprise that began in 2014, AlphaBay was closed by authorities in 2017 and then reopened in 2021.

  • Additionally, we observe that, except for U2U-only sellers, the median income of the other types of sellers drops after the major shock caused by operation Bayonet (see Supplementary Information Section S4).
  • When one goes down, two more emerge with new ideas, better technology, and greater difficulty to track.
  • The number of stable U2U pairs created each day was, however, steady over time during 2020, even though more U2U pairs were created compared to the same period in 2019, see Figure S9.
  • They’ve got 2FA and encryption that’s tighter than a drum, which I’ve tested against crash-prone sites and found solid.
  • It markets itself as a reliable platform with strong operational security.
  • However, it has a sneak peek, easy guide steps, and/or a quick list providing quick in-page navigations and easily-found answers if desired.
  • Independent verification remains limited due to the market’s relatively recent appearance.

Jardine also emphasized the importance of using services that actively emphasize security in the decentralized finance space. “Good digital hygiene, especially in terms of password and seed phrase management, is also crucial,” he said. While DeFi adoption among darknet vendors is growing, it has not replaced centralized exchanges as the primary laundering method.

Therefore, you must run an IP leak test to ensure that the VPN is working completely fine and is not risking your digital security. The website has a sleek design and interactive user interface, making it the most preferred choice in terms of user experience. You can pay through Monera and Bitcoin using the escrow system or the traditional market account after making a purchase on this shop. The ASAP is a moderate design marketplace on the dark web that offers helpful tools like mandatory PGP encryption and two-factor authentication for a safe browsing experience. Like other marketplaces, ASAP Market also requires you to register for an account. But since its relaunch, the developers are focusing more on operational security and ensuring that users can have a good experience on this site.

Security and Anonymity Features

Law enforcement takedowns, such as Archetyp, demonstrate both impact and adversary adaptation. For cybersecurity professionals, focusing on payment methods, vendor migration, and marketplace specialisation offers the most effective path to actionable intelligence. Monitoring active marketplaces offers early access to malware kits, credential dumps, and fraud tools. Tracking vendor migration—such as from Archetyp to Exodus—provides insight into tactical shifts. Focusing intelligence collection on specialised marketplaces yields better ROI for threat detection and proactive defence. Darknet marketplaces remain central to illicit trade in 2025, with evolving business models, payment systems, and law enforcement responses.

U.S. customers predominantly purchase drugs from these groups that are known to have used crypto to source fentanyl precursor chemicals from labs based in China. The cartels then use those chemicals to manufacture fentanyl that is later sold in the U.S. U.S.-based drug vendors on Abacus Market advertising a synthetic opioid called China White, which its customers can purchase using Bitcoin or Monero. On a smaller scale, Mega Darknet Market placed a few ads with QR codes in public places like Moscow subway trains.