A darknet market is a virtual marketplace that operates away from the open internet in the darknet. Basically, since such platforms are mostly illegal black markets, they are run as onion services on the Tor or I2P network.
Only cryptocurrencies such as Bitcoin or Monero are used as a means of payment. Darknet markets became known to a wide audience primarily through the rise and fall of Silk Road. While all major markets are fully-fledged e-commerce platforms and thus act as a third party vis-à-vis buyers and sellers, some offers are limited to a function as a classifieds portal or forum and only offer a means of contact between the parties involved. A distinction must be made between markets and simple merchant shops, some of which also operate on the Clearnet (open Internet).
Trafficked products are mainly illegal drugs and various digital goods (e.g. premium accounts and e-books), but on some platforms they also include counterfeit money, fake identity documents and credit cards, as well as weapons and child pornography.
Security Measures and Access to Darknet Markets
For anonymous access to darknet services, the Tor Browser Bundle is used alongside a current PGP implementation (such as gpg4usb or GnuPG). Since in some jurisdictions the surrender of the passphrase for encrypted data carriers can be enforced, these or similar programs that do not require installation are transferred together with the private keys and other sensitive data to a private key, e.g. with VeraCrypt or LUKS/dm-crypt encrypted removable drive. Since Windows systems cannot be checked for backdoors due to their unknown source code, Linux systems such as Ubuntu, Linux Mint, Tails, Whonix or Qubes OS (e.g. in a virtual machine) are used. These offer partial or full encryption of the system during installation.
For security and anonymity reasons, all communication within a market, in particular the transmission of delivery addresses, is carried out using PGP encryption, whereby messages are encrypted with the recipient’s public key stored in the user profile. Most markets require a user-designated security PIN for payments or withdrawals. In addition, in view of the widespread identity theft on the darknet, two-factor authentication is usually used, whereby a short puzzle must be decrypted after entering the login name and password using one’s own private PGP key.
A potential weak point in the security chain is the choice of delivery address, which is primarily relevant in the case of profiling suspicious mail flows by investigators, but also with regard to darknet retailers who store customer data permanently and possibly unencrypted. In order to disguise their real names and place of residence, some shoppers use mailboxes at vacant addresses, or rent mailboxes under a false name.
Bitcoins are not completely anonymous, but merely “pseudonymous”. The metadata may be used to trace transactions back to a specific Bitcoin address. In order to eliminate this risk, so-called Bitcoin mixers exist, in which random payouts from a shared pool are used to try to disguise the origin in order to establish the fungibility of the Bitcoins (so-called CoinJoin implementation). The exchange of bitcoins for cryptocurrencies with ring signatures, such as Monero, is also used to disguise origin.