Aug 10, 2022 12:15:37 PM | 2 Min Read

Techniques for Uncovering Anonymous Ransomware Sites on the Dark Web

Posted By
endevis
Share
Techniques for Uncovering Anonymous Ransomware Sites on the Dark Web

Ransomware actors have taken multiple measures to hide their real identity online along with the hosting location of their web server infrastructure.

Operational Security Missteps

The majority of ransomware operators use an out of country hosting provider to host their ransomware operations sites.  Additionally, the use of VPS hop-points, TOR network, and DNS proxy registration services are used as an extra layer of protection to keep their identity anonymous. 

Cybersecurity firms can take advantage of the threat's operational security missteps to identify their hidden identity.  They are able to identify TOR hidden services hosted on public IP addresses.

Checking the favicons 

Favicons are the icons that show up in your browser window next to the web address.  It is often the logo that is associated with your brand.  Similarly, the sites on the darknet have favicons or logos that are associated with their sites.  It is one of the key identifiers for cybersecurity firms looking to catch criminals.

Through the use of web crawlers, cybersecurity firms check the favicons associated with the darknet websites against public internet.  This method is used to uncover the threat's clear web infrastructures.  The criminals' leak sites accessible for any user on the internet along with other infrastructure components are left exposed, which makes it possible to obtain the login locations that are used to administer the ransomware servers.

Now more than ever, cybersecurity firms are looking for employees to help combat these criminals.  If you are interested in this field, take a look at our job openings to see if one is a right fit for you!


endevis has evolved into a national talent & workforce solutions provider with offices throughout the nation. With a focus on healthcare, engineering, and IT staffing, the organization has won a handful of awards across its Professional Direct Placement, Professional Contract Staffing, and Recruitment Process Outsourcing Solutions. For more information, please email ROI@endevis.com.

Topics: Career Insight, Workforce, cybersecurity

Related Posts

5 New Year Resolutions to Improve Your Job Search

Are you looking for a new job in 2022?  Here are some new year resolutions that you can make to...

Read More

Office Tools for Hybrid/ Remote Workers

It's no surprise that we are experiencing a shift in the work environment.  Employees are now...

Read More

Engaging the Workforce

Workforce engagement has been a concern for many HR professionals for many years.  How do leaders...

Read More