Aug 10, 2022 12:15:37 PM | 2 Min Read

Techniques for Uncovering Anonymous Ransomware Sites on the Dark Web

Posted By
endevis
Share
Techniques for Uncovering Anonymous Ransomware Sites on the Dark Web

Ransomware actors have taken multiple measures to hide their real identity online along with the hosting location of their web server infrastructure.

Operational Security Missteps

The majority of ransomware operators use an out of country hosting provider to host their ransomware operations sites.  Additionally, the use of VPS hop-points, TOR network, and DNS proxy registration services are used as an extra layer of protection to keep their identity anonymous. 

Cybersecurity firms can take advantage of the threat's operational security missteps to identify their hidden identity.  They are able to identify TOR hidden services hosted on public IP addresses.

Checking the favicons 

Favicons are the icons that show up in your browser window next to the web address.  It is often the logo that is associated with your brand.  Similarly, the sites on the darknet have favicons or logos that are associated with their sites.  It is one of the key identifiers for cybersecurity firms looking to catch criminals.

Through the use of web crawlers, cybersecurity firms check the favicons associated with the darknet websites against public internet.  This method is used to uncover the threat's clear web infrastructures.  The criminals' leak sites accessible for any user on the internet along with other infrastructure components are left exposed, which makes it possible to obtain the login locations that are used to administer the ransomware servers.

Now more than ever, cybersecurity firms are looking for employees to help combat these criminals.  If you are interested in this field, take a look at our job openings to see if one is a right fit for you!


endevis has evolved into a national talent & workforce solutions provider with offices throughout the nation. With a focus on healthcare, engineering, and IT staffing, the organization has won a handful of awards across its Professional Direct Placement, Professional Contract Staffing, and Recruitment Process Outsourcing Solutions. For more information, please email ROI@endevis.com.

Topics: Career Insight, Workforce, cybersecurity

Related Posts

Remote Work Skyrockets

After the pandemic, remote work has become increasingly popular among employees and employers. ...

Read More

Reinventing HR

In 2014, Netflix reinvented the HR system.  We can still learn from them today, even though some of...

Read More

Healthcare Trends for 2023

In 2022, healthcare staffing has reached a record high number in revenue and is projected to do...

Read More