IntSights published “the dark site of Asia” report

The Asian darknet is not widely known by name. When the dark site of Asia is mentioned, the average person thinks of the Russian underground hacking forums. To better understand the Asian dark markets and onion sites, IntSights researchers conducted a six-month survey and analysis, and the results of the study were published recently. The survey showed that the Asian darknet market is fragmented, culturally relevant, and distributed far beyond expectations.

The survey began with a Hidden Wiki, a darknet bookmarking site in South Korea that has been around for several years and collects websites from around the world. The site sorts the various darknet websites into categories, and even into selected sections, to meet the needs of different hackers, including bank account information, bank card numbers, drugs, pornography, fake passport and ID numbers, UK driver’s licenses, weapons, etc. It is an excellent entrance to the Asian darknet.

Image: By Stefano.desabbata [CC BY-SA 4.0], from Wikimedia Commons

The next stop is China’s dark web site Mushroom, which is mainly used for drug trafficking. The drugs are all priced in RMB, which is very different from other darknet drug sites that price in bitcoin or other digital currencies, because China forbids the use of any digital currency for trading within its territory. Although information on how to obtain bitcoin and on international logistics and distribution appears on the website, most of the drugs are sold within China, and prices are 30% to 40% lower than on Western dark web drug sites.

Next is the Japanese darknet. The most significant difference between the Japanese darknet and those of other Asian countries is that it is too polite. Japanese netizens regard it as a parallel universe. On the darknet, everyone can fully express their opinions and take part in various discussions. There you can find various blogs, whereas other Asian countries’ darknets are mainly used for trading illegal goods. By comparison, Japan’s darknet is more like a popular place where netizens can express their ideas anonymously. More often, you see people venting their dissatisfaction with the government. Even the sale of illegal goods is very democratic: some sellers ask buyers to bid on the items they sell.

There are two main websites in Japan: Hope Japan and Hope Fukushima. Users on these sites mainly claim that the government concealed the real situation and the nuclear pollution caused by the Fukushima nuclear power plant leak. They also call on hackers to attack Japanese government websites, technically guaranteeing that the attacks will be concealed, and offer related technical support such as DDoS, SQLi, and XSS.

There is also a Japanese dark web site that sells all kinds of information, including military intelligence, confidential document protocols, and technical secrets. However, this website does not belong to the mainstream of the Japanese darknet. Other Japanese dark web sites mainly sell drugs and pornography. Analysis of this last Japanese site, the one selling information, suggests that it is probably a dark website established by North Korea or China, using Japanese as a cover, to collect various intelligence about Japan.

There is also a dark website in Thailand hosting a list of 30,000 FBI and DHS officials that was stolen in 2016, and a variety of hacking tools and malware downloads are available on the Indonesian Dark Web Forum.

The darknet in Asia is mainly in China. However, many of these dark websites are not onion sites. They are dark websites outside China that ordinary people in China can reach normally, without a darknet connection. The first such site offers a DDoS attack service, claiming to provide unlimited DDoS attacks with 500Gb bandwidth. The second is called QQ and is mainly used as a hacking forum for major social platforms in China, including QQ groups, QQ forums, and chat rooms. The last is Hack80, a site similar to the Russian underground hacking forums, which provides the hacking tools available on traditional Russian hacking forums, including Bitcoin mining tutorials, hacker development kits, malware, and more. However, posts on the website must be written in Chinese. Because of China’s network firewall, Internet users in China can access these websites without going through the darknet, with the result that Chinese users occupy a mainstream position on them.

Western countries should pay enough attention to China’s darknets. Generally speaking, North Korea and Russia are the main dangers, but the skill level of hackers in China has improved dramatically. In China, no darknet connection is needed to access these websites, which also suggests a murky relationship between the hackers and the government. The West often blames China for hacking attacks just because the attacks come from Chinese addresses, but the real attackers are probably members of unknown hacker groups.

Apart from North Korea’s hacker organizations, which love money, hacker organizations usually care more about the things behind the money, such as stealing intelligence or technical secrets. Many Chinese hackers in Russia aim at targets outside China so as not to attract the attention of the Chinese police. But this does not mean that there is no connection between Chinese hackers and the government. At present, there is no direct evidence in China that the Chinese government has hired hackers to carry out cyber attacks. It is also possible that the government hires hackers abroad to carry out attacks.

At present, many well-known hackers in China have opened their own network security companies. Generally speaking, hackers do not suddenly become white hats for no reason. It is conceivable that these hackers serve their own interests by meeting the needs of the government. As the saying goes, no one gets up early unless there is something to gain.

Overall, Asia’s darknet is much smaller than the Western darknet, but that doesn’t mean there is no threat.
