Deep Web Investigation

Investigating the dark web is crucial for uncovering hidden criminal activities, bolstering cybersecurity and creating a safer online environment. It involves decrypting messages, comprehending cryptocurrency transactions and tracing elusive digital footprints.


While some people use portions of the deep web to bypass local restrictions and download movies or TV shows, it’s also been used for illicit purposes such as child pornography.

Artifact Identification

Identifying artifacts is an important part of your institution’s archaeological work. Not only is it critical to the accessioning, cataloging and interpretation of an artifact, but a misidentified artifact can cause serious problems down the road. For example, if an object is originally cataloged as a Confederate sword but turns out to be a World War Japanese cavalry saber, it could cause all sorts of trouble for your institution.

The dark web is a mysterious domain that functions as an enigmatic sanctuary for illegal activities including unauthorized markets, cyber assaults and data breaches. Digital forensics experts use advanced tools to investigate these hidden corners of the internet. These techniques uncover clues that can help identify malicious actors and address the underlying issues that contributed to the breach.

When investigating the dark web, digital forensics experts examine the artifacts left behind by cybercriminals. These traces can include log files, event records, system logs, network traffic captures, timestamps and registry entries. This information helps to identify malicious actors and uncover a variety of other valuable details about the attack.

The research also shows that the most effective way to encourage systems authors to release artifacts is to provide them with a badge indicating their work has been verified. Papers with a badge that has been evaluated by an independent reviewer have significantly higher citation rates than papers that do not have one (t = 3.82, p 10-3). However, it is unclear whether these high citation rates alone are sufficient to motivate more systems authors to share their artifacts.

Digital Forensics

The field of digital forensics is fascinating because it makes a real difference in people’s lives. As its name implies, it involves analyzing and extracting criminal evidence that can be used against cybercriminals in court. This evidence may be stored on computers, cellphones, or other devices that can store data. Digital forensic professionals use highly specialized tools to collect, store, and analyze this information. Moreover, they follow strict standards to ensure that their work can be used as evidence in court.

Digital forensics can be used in cyber investigations to track down and stop phishing attempts, identify suspicious connections, and discover how attackers breached an endpoint. In addition, this process helps companies understand what happened during a security event so they can close gaps in their defenses.

In law enforcement, digital forensics provides the evidence used to prosecute criminals and protect companies from future attacks. This evidence can be in the form of phishing emails, documents, or even browsing data. In the case of cyberattacks, digital forensics can reveal the identity of attackers and help get them caught.

In corporate settings, digital forensics can be used to investigate breaches and intellectual property theft, and to verify industry compliance. These investigations are often triggered by specific events, such as abnormal activity in the network or servers, unauthorized access, or ransomware threats.

Cryptocurrency Recovery

Cryptocurrency is a popular digital asset used to facilitate transactions, investments and even to pay for goods and services. Its popularity has led to the emergence of scammers who steal users’ digital assets through phishing attacks and fraudulent exchanges. Recognizing red flags like guaranteed returns, lack of transparency and pressure to act fast can help users avoid these scams and report them promptly. If cryptocurrency has been stolen, contacting the exchange and pursuing international legal options are possible recovery mechanisms.

To trace digital wallets and cryptocurrencies, investigators may use specialized blockchain forensic tools and traditional forensic methods to examine a range of artifacts, including the transaction ID, address, type of currency held and transacted, transaction history, source of funds, account and transaction balances, and attribution (account owner information). By examining this evidence, investigators can identify accounts associated with criminal typologies such as rapid cashouts or transfers to high-risk regions.
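The two typologies named above can be expressed as simple checks over transaction history and attribution data. The sketch below is an added example, not code from this page or from any forensic product; the ledger, address labels, region tags and the 90% / one-hour thresholds are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Tx:
    txid: str
    src: str
    dst: str
    amount: int          # smallest currency unit, avoids float rounding
    ts: datetime

def _t(day, hh, mm):
    return datetime(2024, 1, day, hh, mm)

# Constructed sample ledger (not real transactions or addresses).
LEDGER = [
    Tx("t1", "victim", "mule1", 100_000, _t(1, 10, 0)),
    Tx("t2", "mule1", "exch-B", 60_000, _t(1, 10, 5)),
    Tx("t3", "mule1", "exch-A", 38_000, _t(1, 10, 20)),
    Tx("t4", "saver", "holder", 50_000, _t(1, 9, 0)),
    Tx("t5", "holder", "exch-A", 50_000, _t(4, 9, 0)),
]

# Hypothetical attribution data: address -> region tag of the account owner.
ATTRIBUTION = {"exch-A": "region-low", "exch-B": "region-high"}
HIGH_RISK = {"region-high"}

def rapid_cashouts(ledger, window=timedelta(hours=1), ratio_pct=90):
    """Map each address that forwards >= ratio_pct of an incoming amount
    within `window` of receiving it to the sorted outgoing txids."""
    flagged = {}
    for inc in ledger:
        outs = [t for t in ledger
                if t.src == inc.dst and inc.ts <= t.ts <= inc.ts + window]
        spent = sum(t.amount for t in outs)
        if outs and spent * 100 >= ratio_pct * inc.amount:
            flagged.setdefault(inc.dst, set()).update(t.txid for t in outs)
    return {addr: sorted(ids) for addr, ids in flagged.items()}

def high_risk_transfers(ledger, attribution, high_risk):
    """Return txids whose destination is attributed to a high-risk region."""
    return [t.txid for t in ledger if attribution.get(t.dst) in high_risk]

if __name__ == "__main__":
    print("rapid cashout:", rapid_cashouts(LEDGER))
    print("high-risk destination:",
          high_risk_transfers(LEDGER, ATTRIBUTION, HIGH_RISK))
```

The "holder" address is not flagged because its funds sat for three days before moving; a flag from either check is a lead for an analyst to review, not attribution on its own.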

A successful OSINT investigation requires seamless access to a variety of sources across the surface, deep and dark web. Having a secure, trusted and resilient system in place enables investigators to gather OSINT from these different layers, mapping connections and following threads quickly and accurately. In addition, AI and machine learning can provide a powerful boost to this process by identifying trends and patterns much faster than human investigators.

Information Sharing

The dark web is not just about illicit drug sales or the purchase of illegal weapons and explosives. It’s also about taboo topics that aren’t socially acceptable and cybercriminal activities such as phishing, ransomware, malware, and other hacking techniques that are often discussed in the shadows.

These activities are supported by the use of anonymizing technologies, cryptocurrency, and the ability to hide identities on forums and messaging services that have become a staple of internet culture. Criminals utilize these platforms for a variety of illegal transactions including the sale of drugs (including opioids and other controlled substances), bomb parts, stolen credit card information, computer hardware, body parts, child pornography, and criminal acts for hire.

In order to effectively combat the rise in cybercrime and illegal internet activity, investigators need access to all three layers of the modern internet – the surface web, deep web, and dark web. OSINT experts need to seamlessly switch between these sources and map connections across disparate information.

Workshop participants identified several areas of need, including training for line officers and investigators to spot relevant dark web evidence; better information sharing among agencies, both domestically and internationally; and structures for cooperation that allow for collaboration between agencies in the fight against cybercriminals. Blackdot can help investigators safely and securely collect dark web OSINT using its Videris platform.