Das Darknet beherbergt eine vielfältige Gruppe von Nutzern mit einem komplexen Wortschatz, der sich oft mit den Communities von Hackern, Spielern, Softwareentwicklern, Strafverfolgern und anderen überschneidet. DarkOwls Glossar der Darknet-Begriffe ist eine sich ständig weiterentwickelnde Ressource, die den allgemeinen Sprachgebrauch, Slangbegriffe und Akronyme definiert, die unsere Analysten in Untergrundforen, Instant-Messaging-Plattformen (z. B. Telegram) und in der Informationssicherheitsforschung zum Darknet finden.
http://s5cxkrtjnsw3jg52c2rxb2d2jjl3y4ph3eqz373pziq33cnqj6ripyqd.onion
Kurz-URL: https://tinyurl.com/alivendor
Alle nachstehenden Definitionen beziehen sich, sofern nicht anders angegeben, auf ihre spezifische Verwendung in den Darknet- und Deep-Web-Communities.
|
420 |
Slangbezeichnung für Marihuana |
A |
|
|
Account Takeover |
Exploit-Technik, bei der ein Konto gekapert wird. Bei dem Konto kann es sich um das elektronische Postfach des Opfers, eine Chat-Plattform, soziale Medien oder ein Finanzkonto handeln, von dem Steuergelder gestohlen werden. |
|
Actors |
Potenziell böswillige Einzelpersonen oder Gruppen, die gezielte Angriffe oder Kampagnen durchführen, wobei die Motive von politischem Hacktivismus bis hin zu Internetkriminalität reichen. |
|
Address (crypto) |
Eine Reihe von Buchstaben und Zahlen, die zusammen einen digitalen Ort bilden, an den und von dem Kryptowährungen gesendet werden können. |
|
Administrator |
Person, die für die Verwaltung und Sicherheit der Netzinfrastruktur und der Server eines Unternehmens zuständig ist. |
|
AES |
Akronym für Advanced Encryption Standard. Eine von vielen Chiffren, die die US-Regierung zum Schutz von Geheiminformationen verwendet. |
|
Affiliate |
Geschäftspartner, der wahrscheinlich einen Teil des Erlöses in Zusammenarbeit mit dem Vertrieb oder Verkauf von illegalen Waren oder Dienstleistungen erhält. Wird auch als PP (paid partners) bezeichnet. |
|
Affiliate Model |
Unterirdisches Geschäftsmodell, bei dem ein Nutzer eine Dienstleistung von einem Akteur kauft und ihm einen Teil des Erlöses zukommen lässt. |
|
AFK |
Akronym für Away From Keyboard. Dies wird in der Regel bei Online-Spielen verwendet, um anzuzeigen, dass jemand inaktiv ist. |
|
Aggro |
Slangausdruck für Aggressivität oder Aggression. Kann verwendet werden, um zu beschreiben, wie sich eine Person verhält. |
|
Alias |
Ein Bildschirmname, der die Identität des Benutzers verschleiern soll und in der Regel keine Verbindung zur echten Identität des Benutzers hat. Wird auch als Pseudo und Moniker bezeichnet. |
|
APT |
Akronym für Advanced Persistant Threat; Angriffskampagne, bei der sich ein Eindringling unbefugten Zugang zu einem Netzwerk verschafft und sich der Entdeckung entzieht, um einen zeitverzögerten Angriff oder Spionage durchzuführen. |
|
AML |
Abkürzung für Anti-Money Laundering. |
|
Anon |
Gelegentlicher Begriff, der sich auf jeden Dark-Web-Nutzer bezieht, dessen Identität unbekannt oder “anonym” ist. |
|
Anonymous |
Ein dezentrales Hackerkollektiv, dessen Mitglieder sich mit Hacktivismus oder geopolitisch motivierten Kampagnen gegen Internet- und Regierungszensur engagieren. |
|
AnonFiles |
Online-Datenspeicher für Dateien von Drittanbietern, der es Nutzern ermöglicht, von anderen freigegebene Dateien hoch- und herunterzuladen. |
|
AP |
Akronym für affilitate partner; (auch bekannt als PP); Geschäftspartnerschaft, bei der ein Ransomware- (oder Malware-) Entwickler seine Software gegen eine prozentuale Gewinnbeteiligung an seine Partner vermietet. |
|
API |
Akronym für Anwendungsprogrammierschnittstelle. Sie ermöglicht es zwei Anwendungen, miteinander zu kommunizieren. |
|
Authentication |
Der Prozess der Überprüfung der behaupteten Identität eines Benutzers mit Hilfe von digitalen Berechtigungsnachweisen, Schlüsseln oder Social Engineering. |
|
AV |
Akronym für Anti-Virus. Softwareanwendung, die bösartige Programme erkennen soll. |
|
AYB |
Akronym für “All your base”, kurz für “All your base are belong to us”, verwendet in Spielen. |
B |
|
|
Backdoor |
Einstiegspunkte in ein System oder ein Stück Software. Hintertüren können als zusätzlicher legitimer Zugangspunkt in den Code eingebaut werden, werden aber auch häufig von böswilligen Akteuren als Mittel zur böswilligen Ausbeutung eingeschleust. |
|
Bait & Switching |
Taktik von Anbietern (Verkäufern) im Darknet, deren Ziel es ist, Kunden durch Werbung für ein billiges Produkt, das möglicherweise nicht existiert, anzulocken und sie dann zum Kauf eines teureren Produkts zu überreden. |
|
Bank drops |
Bankkonten, auf denen Cyberkriminelle und Betrüger ihre gehackten Bankdaten zu Geld machen. Wird von Carding-Enthusiasten genutzt, um kompromittierte Kontoinformationen durch heimliche Banküberweisungen über Geldkuriere auszunutzen. |
|
BIN |
Akronym für Bank-Identifikationsnummern (auch Issuer Identification Numbers (IINs) genannt). Diese sind ein entscheidender Bestandteil der Kartenvergabe und des Betrugs. |
|
Blockchain |
Ein gemeinsam genutztes Hauptbuch, das den Prozess der Aufzeichnung von digitalen Transaktionen mit Geld und anderen Vermögenswerten erleichtert. |
|
Boss |
Slangbegriff für unglaublich toll; großartig; “siegreich”. Kann auch als Beleidigung verwendet werden, um zu zeigen, dass man keinen Respekt vor jemandem hat. |
|
Botnet |
Eine Armee von kompromittierten Computern oder IoT-Geräten (Internet of Things), die gemeinsam für einen böswilligen Zweck genutzt werden. |
|
Breach |
Ein vorsätzlicher Angriff auf ein Netzwerk, der in der Regel auf Organisationen oder Unternehmen abzielt. Die Informationen, die aus einer Sicherheitsverletzung stammen, können die gleichen oder ähnliche sein wie die aus einem Leck, aber die Methode zur Erlangung der Daten ist ein direkter Angriff anstelle einer nicht offengelegten Sicherheitslücke. |
|
Bridges |
Eine Art Netzwerkgerät, das verwendet wird, um sich mit OSI Level 2 Netzwerken zu verbinden, oft in lokalen Netzwerken verwendet. In Tor sind Bridge-Relay-Knoten wie normale Tor-Relays, werden auch von Freiwilligen betrieben, sind aber nicht öffentlich gelistet. |
|
Brute force |
Ein Angriff, bei dem versucht wird, alle möglichen Kombinationen (in der Regel Passwörter) zu ermitteln, um durch Ausprobieren eine Übereinstimmung mit den Anmeldeinformationen zu finden, bis der Zugang gelingt. |
|
B-Tard |
Slang-Begriff, der eine Beleidigung sein soll und meist auf Imageboards (wie 4chan) verwendet wird, um anzudeuten, dass ihr Beitrag zufällig oder unsinnig ist. |
|
BTC |
Akronym für Bitcoin. |
|
Burner |
Ein Gerät, das wegwerfbar und unauffindbar ist. Sie können verwendet werden, um eine andere Identität anzunehmen oder auf Informationen zuzugreifen, die das Gerät beschädigen oder gefährden könnten. |
C |
|
|
C2 |
Akronym für “Befehl und Kontrolle”. Bei Cyberoperationen kann C2 die Personen bezeichnen, die eine Operation leiten, oder eine Reihe von Softwareanwendungen, die den Zugang zu einem Botnetz ermöglichen. |
|
Campaign |
Koordinierte Cyber-Operationen zur Erreichung eines bestimmten Ziels. |
|
Carding |
Ein Segment des Darknets, das sich mit betrügerischer Finanz-Cyberkriminalität unter Verwendung von Kreditkartendaten befasst. Dies beinhaltet oft die illegale Verwendung einer Kreditkarte durch eine unbefugte Person zum Kauf eines Produkts, einer Ware oder einer Dienstleistung. |
|
Chan |
Ein Forum im Stil einer Deep-Web-Diskussion mit anonymen Benutzern. Das Forum enthält “Bilder” mit Beiträgen und ist für schnelle, politisch aufgeladene Diskussionen bekannt. |
|
Cheese |
Slangausdruck für “Geld”. Echter Käse wurde früher von der Regierung für Sozialhilfe ausgegeben. Betrüger verwenden das Wort in der Phrase “Cheese on Deck”, um zu sagen, dass das Geld kommt. |
|
Cipher |
Eine Chiffre ist ein System zur Ver- oder Entschlüsselung von Daten, in der Regel in Form eines bestimmten Verschlüsselungsalgorithmus. |
|
Ciphertext |
Informationen, die verschlüsselt oder kodiert wurden und ohne die richtige Chiffre unlesbar sind. |
|
Clearnet |
Das “normale” Internet (ohne Darknet), auch als Surface Web bezeichnet. |
|
Cleartext |
Informationen, die lesbar sind und nicht verschlüsselt sind oder waren. |
|
Click fraud |
Eine Art von Betrug im Internet, bei der ein Nutzer dazu verleitet wird, auf eine irreführende Werbung zu klicken, um andere (in der Regel unlautere) Ziele zu erreichen. Dies ist vor allem bei SEO-Betrug zu beobachten, bei dem Modelle ausgenutzt werden, bei denen die Täter für jeden Klick bezahlt werden, was zu einem unrechtmäßigen finanziellen Gewinn führt. |
|
Client |
Computerhardware oder -software, die auf einen Dienst zugreift, der von einem Server im Rahmen des Client-Server-Modells von Computernetzen gehostet wird. |
|
Cloaking |
Eine bösartige SEO-Methode, bei der eine benutzerdefinierte Version der Website auf der Grundlage des Website-Besuchers bereitgestellt wird. Handelt es sich bei dem Besucher beispielsweise um einen Googlebot, wird eine Form der Landing Page der Website mit mehr Schlüsselwörtern angezeigt, um das Suchmaschinen-Ranking der Website zu verbessern. IP-Cloaking kann auch die Auslieferung von Adware über eine Website beinhalten. |
|
Cloud |
Ein entfernter Satz von Servern und Datenspeichern zur Speicherung von Inhalten außerhalb lokaler Geräte und Netzwerke. |
|
Cold wallet/ Cold Storage |
Geräte oder Anwendungen, die Ihre privaten Schlüssel offline speichern. Sie gelten als eine der sichersten Methoden zur Sicherung digitaler Währungen. |
|
Combo Lists |
Eine Liste von E-Mail-Adressen und Kennwortkombinationen, die bei Brute-Force-Versuchen oder Credential Stuffing-Operationen verwendet werden können, um unberechtigten Zugang zu Servern und Diensten zu erhalten. |
|
Comment spamming |
Nutzung des Kommentarbereichs zur Beeinträchtigung der Website und zur Verfolgung bösartiger Absichten durch Spam. |
|
Consensus (crypto) |
Wird erreicht, wenn sich alle Teilnehmer des Netzwerks über die Reihenfolge und den Inhalt der Blöcke in der Blockchain einig sind. |
|
Cookie (technology) |
Text, der von einem Server an einen Web-Client gesendet und vom Client jedes Mal zurückgegeben wird, wenn er diesen Server benutzt. Diese Technologie wird in der Regel für die Authentifizierung von Website-Benutzern, die Sitzungsverfolgung und auch für die Verwaltung von Informationen über die Benutzer verwendet. |
|
Corporate Risk |
Die Wahrscheinlichkeit, dass ein Unternehmen einen Sicherheitsvorfall erleidet, bei dem Daten verwendet werden, die aus offenen Quellen und dem Darknet leicht zugänglich sind, und dem Unternehmen einen Ruf- und/oder finanziellen Schaden zufügen. |
|
CPN |
Akronym für Credit Profile Number, Credit Protection Number oder Credit Privacy Number. Eine neunstellige Nummer, die von betrügerischen Kreditreparaturunternehmen verkauft wird. |
|
Cracking |
Beim Cracken werden Softwarelizenzen und -authentifizierung umgangen, um Software ohne Kauf zu nutzen. |
|
Crawler (technology) |
Programm oder automatisiertes Skript, das die auf Webservern gehosteten Daten durchsucht und sammelt. |
|
Credential Stuffing |
Eine gängige Technik, die von Cyberkriminellen eingesetzt wird, um zu testen, ob in der Vergangenheit aufgedeckte E-Mail-Adressen und Passwortkombinationen für mehrere kommerzielle Websites gültig sind. |
|
Credentials |
Einrichtungen, die erforderlich sind, um einen Benutzer zu verifizieren und zu authentifizieren, damit dieser Zugang zu einem Tool, einem Standort oder einem Konto erhält. Am einfachsten ist die Kombination aus E-Mail und Passwort. |
|
CSAM |
Akronym für Material zum sexuellen Missbrauch von Kindern; illegale Inhalte, die häufig im Darknet zu finden sind. |
|
CTA |
Akronym für Cyber-Bedrohungsakteur. |
|
Cyber insurance |
Eine Art von Versicherung, die Versicherungsnehmer gegen Cybervorfälle wie Ransomware, DDoS-Angriffe oder andere Methoden zur Kompromittierung eines Netzwerks und sensibler Daten schützt. |
|
Cybersecurity Incident |
Ein Ereignis, das zum unbefugten Eindringen in ein Netzwerk oder zum Abfluss von Daten aus einem Netzwerk führt. Diese Vorkommnisse gefährden letztlich das gesamte Informationssystem und/oder die in diesem System gespeicherten Informationen. |
|
Cyberspace |
Ein Konzept, das miteinander verbundene digitale Technologien beschreibt und zur Unterscheidung zwischen der physischen und der digitalen Welt verwendet wird. Es umfasst das Internet, Telekommunikationsnetze, Computersysteme und eingebettete Prozessoren und Steuerungen. |
D |
|
|
DAO |
Akronym für Dezentrale Autonome Organisationen. DAOs werden in dezentralen Netzwerken eingerichtet und verfolgen die Aktivitäten der Aktionäre über Smart Contracts oder Blockchain-Ledger-Einträge. |
|
Darknet |
Wird auch als “Dark Web” bezeichnet. Eine Ebene des Internets, die mit herkömmlichen Browsern nicht zugänglich ist, sondern anonyme Proxy-Netzwerke oder eine Infrastruktur für den Zugang erfordert. Tor ist das am weitesten verbreitete. |
|
Data lake |
Ein zentrales Repository, in dem Sie alle strukturierten und unstrukturierten Daten in beliebigem Umfang speichern können. |
|
DB |
Darknet slang for “Database”. |
|
DDoS |
Akronym für Distributed Denial of Service Attack. Ein bösartiger Angriff auf ein Netzwerk, bei dem ein Server mit nutzlosem Netzwerkverkehr überflutet wird, der die Grenzen der TCP/IP-Protokolle ausnutzt und das Netzwerk unzugänglich macht. |
|
Decentralized |
Ein Modell, das auf der Verteilung von Macht oder Informationen beruht und nicht auf einer zentralen Behörde. |
|
Deep Web |
Online-Inhalte, die nicht von Suchmaschinen indiziert werden, wie z. B. authentifizierungspflichtige geschützte und eingefügte Websites, und die am besten als alle Inhalte mit einer Oberflächenwebsite beschrieben werden können, die eine Authentifizierung erfordern. |
|
DeFi |
Acronynm für dezentralisierte Finanzen. Peer-to-Peer-Finanzdienstleistungen auf der Grundlage sicherer Ledger auf öffentlichen Blockchains. |
|
Disinformation |
Falsche oder ungenaue Informationen, die in böser Absicht verbreitet werden. Eine Desinformationskampagne ist eine psychologische Operation, die darauf abzielt, die Wahrnehmung einer Zielperson in Bezug auf bestimmte Themen zu manipulieren. Dabei werden strategische Methoden eingesetzt, um über verschiedene Medienplattformen und Medien Falsch- und Halbwahrheiten zu verbreiten. |
|
Distro |
Kurz für Linux-Distribution. Ein Betriebssystem, das auf Open-Source-Softwareentwicklung basiert. |
|
DM |
Akronym für Direktnachricht. |
|
DNS |
Akronym für Domain Name System. Die Übersetzung einer IP-Adresse in einen Domänennamen. |
|
Domain |
Eine Textzeichenfolge (in der Regel der Name der Website oder Organisation), die einer IP-Adresse zugeordnet ist und für den Zugriff auf eine Website über eine Client-Software verwendet wird. Der DNS für Google lautet zum Beispiel google.com. |
|
Dox |
Die öffentliche Nennung oder Veröffentlichung privater Informationen (PII) über eine unwissende Zielperson. |
|
Dreadit |
Deep Web/Darknet-Forum ähnlich wie Reddit. Gegründet von HugBunter, nachdem Reddit Diskussionen über Darknet-Marktplätze verboten hatte. |
|
Drop site |
Der Ort, an dem eine Sendung von (in der Regel illegalen) Waren deponiert wird. |
|
Dump (crypto) |
Die Aktion, eine Kryptowährung abzustoßen, wenn der Preis gefallen ist, oder sie sehr schnell zu verkaufen, um aus der Investition herauszukommen. |
|
Dumps |
Auch als Dumpz bezeichnet; große, im Voraus zusammengestellte Listen mit gestohlenen Finanzdaten. |
E |
|
|
ECC |
Akronym für Fehlerkorrekturcode. Eine Art von Code, der gelesene oder übertragene Daten auf Fehler überprüft und diese korrigiert, sobald sie gefunden werden. |
|
EDR |
Akronym für Endpoint Detection and Response. |
|
Encryption |
Process obfuscating information or data such that it can be only be read by those that have the cipher. |
|
Escrow |
Contractual arrangement designed to have a third party hold funds or assets while product is being transferred, ensuring that both parties will get what they expect. Popular with darknet marketplaces. |
|
ETH |
Acronym for Ethereum. |
|
Exfil |
Slang for “Exfiltration”. The process of removing data from a victim network, often via SSH or FTP. |
|
Exit Relay |
The final node in a Tor onion circuit that network traffic passes through before reaching the destination server. |
|
Exit Scam |
Scam in which a darknet market administrator or vendor shuts down operations before providing the purchased good or service, or stealing the escrow funds held by the marketplace. |
|
Exploit |
Procedure or code that takes advantage of a vulnerability or flaw in software, an operating system, or firmware. |
|
Exploit Kits |
(Also referred to as Exploit Packs); Collection of exploits that serve as a toolkit for cybercriminals to attack vulnerabilities. |
|
Extortion |
The threat of leaking or holding stolen data, senstive information or computer systems until the criminals demands are met. |
F |
|
|
FE |
Acronym for Finalize Early, signaling that funds in a darknet marketplace’s ESCROW have been released before the product has arrived. |
|
Fent |
Slang term for Fentanyl. |
|
Firewall |
Network security system that continuously monitors incoming and outgoing network traffic, and blocks out any untrusted sources to ensure safe communications. |
|
Firmware |
A type of software that is etched directly into a piece of hardware. It operates without going through APIs, the operating system, or device drivers—providing the needed instructions and guidance for the device to communicate with other devices or perform a set of basic tasks and functions as intended. |
|
Flake |
Slang term for cocaine that is more potent, purer, and more expensive. |
|
FOMO |
Acronym for Fear of Missing Out; fear of not knowing about something, not being privy to certain information, or not being invited to an event or activity. |
|
Forum |
Online discussion site where people discuss and follow specific topics. |
|
Freenet |
A type of peer-to-peer decentralized network designed for anonymity and censorship resistence by direct file sharing and hosting by the peers of the network. |
|
FUD |
Acronym for Fear, Uncertainty, Doubt. |
|
Fullz |
Slang term for Full Information; Consists of detailed PII that could be utilized by a cybercriminals to commit fraud or identity theft. |
|
FTP |
Acronym for File Transfer Protocol. Network protocol used to transfer files between devices over the internet. |
G |
|
|
GG |
Acronym for Good Gear, or for Gamma Goblin; A marketplace on the darknet. |
|
GG (gaming) |
Phrase meaning “Good Game.” Can also be used as an insult when a player has performed extremely poorly. |
|
Ghosting (gaming) |
Form of cheating in online games where certain players have beneficial information about the game or other players that they shouldn’t have and gives them the upper hand. Also describes a player that is offline but appears to still be available via chat. |
|
GOAT |
Acronym for Greatest of all time; Someone that is the best in a certain category. |
H |
|
|
Hacker |
An individual who uses technical knowledge to solve problems, gain access, break into systems, or take information for nefarious purposes or social-good motivations for themselves or on behalf of a group or government. |
|
Hacking |
Actions to jeopardize and the misuse of digital devices to compromise them and damage them and their networks, typically to extract information for malicious purposes. |
|
Hacktivist/s |
Individual/s who carry out cybercrimes against organizations that do not align with their particular social, religious, or political beliefs. |
|
Hardware |
Physical tools, machinery, and equipment that a computer system needs to function. |
|
Hash Value |
A number that identifies a unique set of data. |
|
Hashing |
Practice of taking data and inputing it into a cryptographic hash function to produce a hash value. |
|
H4x0r |
Also displayed as Haxor. Slang for hacker. |
|
Hax |
Shorthand for hack; Low level crime and cheating. |
|
Hidden Service |
Another term for an .onion (Tor) site. Also called “onion services”. |
|
High-Risk Surface Web |
Content from the surface web that has a high overlap with the darknet and deep web community, including mirrors of darknet sites. |
|
HODL (crypto) |
Acronym for Hold on for Dear Life; Passive, longer-term investment strategy of holding onto crypto instead of selling with hopes that the value will increase. |
|
Honeypot |
Website or hidden service setup by law enforcement to attract and identify individuals who participate in illegal activity online. |
|
Hot wallet |
Virtual cryptocurrency wallet that is always connected to the internet and cryptocurrency network and is used to make cryptocurrency transactions. |
I |
|
|
I2P |
Acronym for Invisible Internet Project; Encrypted, anonymous network that allows for protected, uncensored communication via peer-to-peer network communications. |
|
IAB |
Acronym for Initial Access Brokers; Individuals or gangs that have access to networks either by elite credentials or by a possession of known vulnerabilities and sell access to malicious actors. |
|
ICS |
Acronym for Industrial Control System. A generalization to describe types of control systems and apparatuses built to manage, automate, and operate industrial processes. |
|
IDS |
Acronym for Intrusion Detection System; Device or software that monitors networks and scans them for an attack or malicious activity. |
|
IIN |
Acronym for Individual Identification Number; used in reference to bank and/or credit accounts. |
|
Image Board |
Internet forum that centers around the posting of images and comments around a specific topic where identity is kept anonymous, see chan. |
|
IP |
Acronym for Internet Protocol; rules for routing data in the internet. Can be ipv4 or ipv6. |
|
IR |
Acronym for Incident Response; Comprises of how an organization responds to a cyberattack. |
|
IP |
Acronym for Intellectual Property; Intangible creations of the mind. Could also refer to Internet Protocol. |
|
IP address |
Unique identifier that a device has on the internet or local network. |
|
IPS |
Acronym for In-plane switching; Form of led display monitor known for having the best color and viewing angles. |
|
IRC |
Acronym for Internet Relay Chat; Text-based chat system for group discussion where chat servers allow network connections from users. |
|
ISP |
Acronym for Internet Service Provider. A company providing paying customers access to the Internet. |
J |
|
|
(Cyber) Jihad |
Islamic extremist terrorists’ use of the Internet to communicate, plan, and recruit. |
|
Jabber |
A communication software platform provided by Cisco that is cloud-based and encrypts server-to-server connections. |
K |
|
|
Kali |
An open-source Debian-based, operating system distributed by Linux used in security auditing, penetration testing, and popular with threat actors. |
|
Keylogger |
Type of monitoring software that captures and records the keys pressed on a keyboard. |
|
KYC |
Acronym for know-your-customer/client; Standard identity verification to set up crypto exchange account. |
L |
|
|
Larp |
Acronym for live action role play; Type of role playing where people dress up as their characters and act out the game. |
|
LE |
Acronym for Law Enforcement. |
|
LEA |
Acronym for Law Enforcement Agency. |
|
Leak |
An unintentional exposure of secured organizational data. |
|
Ledger |
Financial record-keeping system that maintains the anonymity of the user’s identity, cryptocurrency balances, and transactions. |
|
Leech |
A person who downloads data, software or resources (often unethically), without sharing or providing anything in return. |
|
Leet (gaming) |
(also referred to as l33t or 1337); Slang term for someone who has great skills at gaming or computing. |
|
Link farms |
Group of websites that all hyperlink to a target page in order to increase the search engine optimization ranking. |
|
Listing |
Offering of a product or service for sale on the darkweb. |
|
Litecoin |
(LTC) Peer-to-peer cryptocurrency and open-source software that uses Scrypt and operates like BitCoin. |
|
Logs |
Files of data generated by a computer that keeps information about use, patterns, activity, and operations within the operations system. |
|
Love Letter |
Dark web slang for when the postal service seizes a package and leaves a notice in the receipient’s mailbox that illegal goods have been seized but no legal action has been taken. |
|
Lurker |
Person who browses a internet board but never posts original threads. |
M |
|
|
MAC address |
Acronyn for Media Access Control address; Unique 48-bit serial number that uniquely idenfies a device in a network segment. |
|
Malware |
Malicious software program designed to hijack computer systems or steal sensitive information from a device or network. |
|
Mariana’s Web |
A nick-name given to a mythical section of the darkweb inspired by Mariana’s trench. Supposedly the deepest part of the dark web with forbidden, illegal information and services. |
|
Marketplace |
Also known as markets. Websites on the darknet where vendors can sell their goods or services while remaining anonymous. |
|
Masking |
Process of modifying data to a point where there is little usable material to those without granted access. |
|
MD5 Hash |
A message-digest algorithm that was designed as a cryptographic hash function. It is still used to authenticate files using a 128-bit hash value. |
|
Meme |
A humerous image, video or phrase that is often altered and spread via the internet using social media. |
|
Metadata |
Data that provides more information about data or a document. Metadata is often hidden and not readily available to the consumer. |
|
Methods |
Tutorials and guides distributed and used to instruct cybercriminal activity. |
|
MFA |
Acronym for Multi-Factor Authentication. A user gives a combination of two or more credentials to gain accesss in a layered approach to securing data and information. |
|
Misinformation |
Spreading false information regardless if the intention is to mislead others or not. |
|
MITM |
Acronym for Man in the Middle Attack; Attack that compromises the communication between the two parties who believe that they are communicating directly with eachother. |
|
Mining (crypto) |
Otherwise known as cryptocurrency mining; Process where new cryptocurrency coins are verified and added to the blockchain. |
|
Mirror Site |
A site with the same content as another but with a different domain or URL. |
|
Mix (crypto) |
Otherwise known as a tumbler; Service offering to blend together potentially identifiable crypto funds with others in an effort to hide the trail to the fund’s original source and make crypto harder to trace. |
|
Mod |
Shorthand for Moderator; People who monitor online message boards, chatrooms, or discussions. |
|
Molly |
Slang term for 3,4-Methylenedioxymethamphetamine (MDMA), commonly known as ecstasy; Psychoactive drug primarily used for recreational purposes. |
|
Monero |
A type of decentralized cryptocurrency that uses a public distributed ledger with privacy-enhancing technologies to keep finances anonymous and secure, increasing in popularity on the darknet. |
|
Mules |
Also known as money mules; People that help conceal the identity of a cybercriminal by assisting in fraud by moving money illegally on their behalf. |
|
Multi-Sig |
Abbreviation for Multi-Signature. Requiring two or more private keys for a cryptocurrency wallet to approve and send transactions. |
N |
|
|
Nation-state actors |
People who gather information on the dark web that would benefit their own country’s government. |
|
Neckbeard |
Slang term for teenage or adult men who are socially awkward, pretentious, misogynistic, and have an inflated sense of self-worth. They often have a strong interest in gaming and/or anime. |
|
Neet |
Acronym for Not in Education, Employement, or Training; Slang term referring to a person who is not advancing in life and often lives at their parents playing video games or watching anime. |
|
Newfag |
Slang term referring to a newcomer to an internet forum or game who is considered a nuisance. |
|
NFT |
Acronym for Non-Fungible Token. A digital assest representing a unique real-world or digital object held on the blockchain, usually Ethereum, allowing the buyer to own the original item. |
|
NIC |
Acronym for network interface controller; computer hardware part that connects a computer to a network. |
|
Node |
In Tor, any volunteer server in the network that help bounce and route traffic to maintain obfuscation of the clients and servers in the network. Could consist of entry, exit, relay, or bridges. |
|
NPC (gaming) |
Acronym for Non-player Character; character in a game that is not controlled by a player. |
O |
|
|
OMEMO |
Recursive acronym for Multi-End Message and Object Encryption. OMEMO is an Extensible Messaging and Presence Protocol (XMPP) extension used for secure multi-client end-to-end encryption. |
|
Onion |
Top-level domain (TLD) extension for Tor-based domain addresses. |
|
Onion Browser |
A mobile version of the Tor Browser Bundle application for iOS devices. |
|
Onion Router |
Also known as Tor; Open-source darknet network used for anonymous browsing. |
|
Onion Routing |
Networking protocol that shares data between a client and server through numerous nodes to prevent the inadvertant disclosure of either’s identity. |
|
OP |
Acronym for Original Poster; The first person who begins a thread in a forum. Some cyber operations are also referred to as “ops”. |
|
Open Source |
Any program, application, software, or data that is available to the public without purchase. |
|
OPSEC |
Acronym for OPerational SECurity; The standards and process a person or organization should implement to ensure that a security breach does not occur. |
|
OS |
Acronym for Operating System. Software interfacing with hardware and manage resources and services to run applications making them user-friendly. |
|
OTR |
Acronym for Off-the-Record Messaging. A cryptographic protocol offering privacy and security by end-to-end encrypting instant messages with additional security measures. |
P |
|
|
P2P |
Acronym for Peer-to-peer; Decentralized type of computer network where the computer acts like the server and the client. |
|
Packet |
Small amount of data routed between its origin and a destination. |
|
Packs |
Also referred to as fraud pack, darknet pack, starter pack; Collection of technical resources to learn how to start crime on the darknet. |
|
Pastebin |
Online temporary content-hosting application that allows for users to share text online anonymously. |
|
Payload |
The malware a threat actor intends to deliver to the victim. May take form of virus, keylogger, rootkit, etc. |
|
PBNs |
Acronym for Private Blog Network; a group of high authority sites that one person owns and controls where they create links to drive traffic to their main site or money site. |
|
PCP |
Slang term for Phencyclidine or phenyl cyclohexyl piperidine; dissociative hallucinogenic drug. |
|
PERSEC |
Acronym for PERsonal SECurity; Protection and control over personal information and identity. |
|
PGP |
Acronym for Pretty Good Privacy; Encryption program that provides cryptographic privacy and authentication for signing, encrypting, and decrypting data communications. |
|
Phishing Package |
Otherwise known as Phishing as a Service; Packages including templates, guides, and tutorials for an actor to carry out a phishing scam. |
|
PhaaS |
Otherwise known as phishing package; Acronym for phishing as a service; Packages including templates, guides, and tutorials for an actor to carry out a phishing scam. |
|
Phishing |
Type of fraudulant social engineering for data collection designed to trick users into revealing sensitive information to what appear to be trustworthy sources via email. |
|
PII |
Acronym for personal identifiable nformation; data tied to a specific individual that could potentially identify them. (ie. social secrity number) |
|
PIN |
Acronym for personal identification number; set of numbers used to prove identity or authenticate a service. |
|
Pirate Bay |
Can be abbreviated the TPB. A site founded by a Swedish anti-copyright group used for large file sharing of digital content such as entertainment media and gaming. |
|
Plain-text |
Information that can be read without using an decryption key but has been put into an encryption algorithm. |
|
PM |
Acronym for Private Message. |
|
PND |
Acronym for Pump-and-Dump; Fraud involving the artificial inflation and manipulation of the price of a cryptocurrency with false and misleading statements. |
|
POS (crypto) |
Acronym for Proof-of-Stake; Mechanism used to verify cryptocurrency transations. |
|
Private key |
Otherwise known as secret key; Large numerical value used to encrypt and decrypt data and is only shared with those that should have access to said data. |
|
Protocol |
Official procedure of how internet content is retrieved and then displayed to a browser. |
|
Proxy |
Application that interrupts the connection between the client and the server in prder to hide the IP address to make the internal network more secure against cybercriminals. |
|
Public key |
Large numerical value used to encrypt data and is publicly shared and used as a security tool to check legitimacy of digital messages and signatures. |
|
PWN |
Slang phrase meaning to control or dominate another person’s computer or device. |
Q |
|
|
qTox |
A free peer-to-peer instant messaging service for chat, voice, video and file transferring that is end-to-end encrypted designed to protect users from surveillance. |
|
Query |
A question or request for information asked in a particular syntax to retrieve information from a database. |
R |
|
|
Ransomware |
Type of malware that involves encrypting the files and applications on a device or networked devices and then demands payment for decrpytion. |
|
RaaS |
Acronym for Ransomware-as-a-Service; Business model for cybercriminals to hire ransomware operators to launch ransomware attacks on their behalf. |
|
Ransomware Services |
The onion services related to ransomware threat actors, where victims are announced and data is leaked. |
|
RAT |
Acronym for Remote Access Trojans; Malware program that allows access into a computer bypassesing the system’s security and allows for control over the targeted computer. |
|
RDP |
Acronym for Remote Desktop Protocol; Protocol for accessing a computer remotely and often a potential unauthorized access point. |
|
Redirect |
Continuity tool that re-directs traffic from an old website to the new one. |
|
Redpill |
Slang term for someone that has not been radicalized; reference to the movie, The Matrix. |
|
REKT |
Slang term meaning “Wrecked”. |
|
Ripper |
Darknet slang referring to a scammer. |
|
Root |
Top-level directory of a file system. |
|
Rootkit |
Reword to: Malicious program or application designed to provide persistent, unauthorized, priviledged access to a target device. |
|
Router |
Hardware used to forward packets of information along a network, directing traffic on the internet. |
|
RSA |
Acronym for Rivest–Shamir–Adleman; Public-key cryptosystem used for secure data transmission. |
S |
|
|
SCADA |
Acronym for Supervisory Control and Data Acquisition. A control system that uses computers to control equipment and gather data for time-sensitive matters, often in conjuction with critical infrastructure. |
|
Secret Key |
Otherwise known as private key; Large numerical value used to encrypt and decrypt data and is only shared with those that should have access to said data. |
|
SMTP |
Acronym for the Simple Mail Transfer Protocol. A standard communication protocol on the internet for communicating electronic mail (e-mail). |
|
SOCKS |
Acronym for Secure Over Credential-Based Kerberos Services. An internet protocol which routes network packets between a client and server using a proxy server. |
|
Stealer |
A software-based program, typically malware, that is deployed on victim devices that when executed or downloaded is designed to take credentials, cookies, and sensitive information to take advantage of the victim financially, engage in fraud, and possibly identity theft. |
|
Saas |
Acronym for Software as a Service; software delivery and licensing that is available via a subscription service. |
|
Sandbox |
An isolated and controlled operating space where potentially dangerous programs are run so that they will not cause harm to the device. |
|
Satoshi Nakamoto |
The pseudonymous creator of Bitcoin. |
|
Sauce |
Slang used in fraud and hacking community to detail the steps required for conducting fraud or program exploitation for financial gain. |
|
Scraping |
Process of collecting large data sets from websites. |
|
Script kiddie |
A person who lacks the skills to create original malicious software code, reuses code from other developers, or uses pre-installed applications. |
|
Search Operator |
Comands or parameters that can combine, filter, or exclude items to in order to narrow the results and focus of a search. In Boolean, these are AND, OR, etc. |
|
Seizure |
To take by force a website, online service or operation. It is common for law enforcement to seize specific darknet markets and services. |
|
Server |
Device that processes requests and provides a service to clients in a network. |
|
Sharding |
Scaling technique used to split database sets used by blockchain companies to reduce network congestion and enables more transactions per second. |
|
Shill |
Person who will advocate for an extreme idea without logic or reason. The person may sometimes be paid to influence a controversial conversation or convince others without publicly acknowledging their biases. |
|
SIM swapping |
Otherwise known as SIM Splitting, port-out scam, or simjacking; Form of identity theft where a cybercriminal takes over the mobile phone account of its victim by assigning the mobile number to a new sim card. |
|
Skimming |
Credit card information theft using a small device attached to a credit card transaction machine, which harvests the sensitive card data when transaction occurs. |
|
Slave (Zombie) |
One of the devices controlled by an attacker for malicious activity that is part of a group of other compromised devices which together make a botnet. |
|
Smishing |
Phishing through text messages where cybercriminals try to get the recipient to click on a malicious link. |
|
SMS Bomber |
Online tool used to send out numerous mobile phone notifications at the same time, often times used by spammers with a phishing link. |
|
Smurf (gaming) |
An experienced player who uses a different and new account to trick other players into thinking he is a new player and less experienced. |
|
SOC |
Security Operations Center. A central group of people and technology used for real-time threat intelligence analysis within an organization. |
|
Social Engineering |
Psychological manipulation of people to get them to do things or share secret information. |
|
Sock puppet |
Fake online identity created for deception and/or investigations. |
|
Software |
Applications, programs, and scripts that run on an information system. |
|
Spoofing |
Method used by cybercriminals in which they falsify the origins of network communication to mislead or misdirect the recipient into thinking they are interacting with a known and trusted source. |
|
SQL |
Structured Query Language. The standard language used in database management systems that communicates with databases. |
|
SSH |
Acronym for Secure SHell; Cryptographic network protocol that allows computers to communicate and exchange information over an unsecure network. |
|
Stablecoin |
A type of cryptocurrency that fix their value using external references. |
|
Staking (crypto) |
Action of locking up digital currency in order to influence the performance of a blockchain network and in turn earn interest. |
|
Stash |
A quantity of typically illegal materials that are hidden away to keep safe and secret. |
|
Surface Web |
Most commonly accessed layer of the internet that is public facing and searchable with standard search engines. |
|
Swarm |
When more than one threat actor attacks a network or resource all at the same time. |
|
SWIFT |
Acronym for Society for Worldwide Interbank Financial Telecommunication; messaging system used by financial institutions to transfer money and comunicate financial transaction information securely. |
|
Swiping |
Process of using stolen account information or credit card data to make fraudulent purchases and having them delivered to a criminal’s address. May also refer to the process of using stolen debit card information to collect cash out of an ATM. |
T |
|
|
Tab |
A form of LSD or ecstasy where it is soaked in a small sqaure of paper for consumption. |
|
Tails |
An operating system designed for security and to protect against surveillance. It only connects to the internet through Tor. |
|
TBB |
Confirmed datasets (ex. username + password) |
|
Telegram |
A messaging application and social communication platform that is cloud-based, available across devices, and provides end-to-end encryption for specific secret chats. |
|
TCP |
Acronym for Transmission Control Protocol; communications method for exchanging data between applications. |
|
Thread |
An online conversation involving multiple users contributions and comments, observed on darknet forums. |
|
TLD |
Acronym for Top-Level Domain. It is the last part of the domain name after the dot. e.g. .com. |
|
TLP |
Acronym for Traffic-Light Protocol. A system of protocols used in the security community to facilitate information-sharing to classify and designate information indicating how sensitive data is and when it should be shared. |
|
To The Moon (crypto) |
Slang term for profit often when cryptocurrency is expected to reach higher than a modeled or predicted price. |
|
Token (crypto) |
Virtual unit of value. |
|
Tool |
Slang term for a person with an over-inflated ego whose image of themselves exceeds that of reality and acts in accordance with their ego to make other perceives them more favorably. |
|
Tor |
Acronym for The Onion Router and maintained by the Tor Project non-profit organization. |
|
Transaction (crypto) |
Transfer of digital currency from point A to point B. |
|
Tripcode |
The hash of a unique password which allows one’s sign-in on an imageboard to be recognized without storing any data about them, allowing for signing posts anonymously. |
|
Trojan |
Otherwise known as Trojan Horse; Malicious code or software that appears to be useful but has malicious intent to cause harm. |
|
Troll |
An individual in an online community, chat, forum, or post who comments disparaging, rude, and offensive commentary so that other readers have an emotional or knee-jerk reaction. |
|
Trolling |
The deliberate act by a troll of making unsolicited and/or controversial remarks on the internet with intent to provoke an emotional response. |
|
TTP |
Acronym for Tactics, Techniques, and Procedures. |
|
Tumbler (crypto) |
Also known as cryptocurrency mixing; Service offering to blend together potentially identifiable crypto funds with others in an effort to hide the trail to the fund’s original source and make crypto harder to trace. |
|
Turtling (gaming) |
Gameplay strategy emphasizing defense, where the player waits for their opponent to take risks while avoiding risk themselves. |
U |
|
|
UDP |
Acronym for User Datagram Protocol. An internet communication protocol used for time-sensitive communications across the internet where applications can send datagrams to others on an Internet Protocol network. e.g. real-time multiplayer games and streaming media. |
|
UI |
Acronym for User Interface; Industrial design of where human interaction meets computer. |
|
UTC |
Acronym for Coordinated Universal Time. Uses International Atomic Time and Universal Time (or solar time) to act as the world’s time standard. |
|
UWU |
A cute face emoji to express happiness or warm feelings. |
V |
|
|
Valids |
Confirmed datasets (credit cards, username + password combinations). |
|
VCS |
Acronym for Version Control System; A software system used by software developers to track changes to source code and manage software deployments. |
|
Vendors |
Sellers of goods or services on darknet marketplaces. |
|
Vendor Shop |
A darknet service advertising a single type of product category or service and sold by 1-2 vendors maximum. |
|
Virus |
A malicious computer program designed to change (or corrupt) installed applications on an infected system. Self replication is possible if by design. |
|
VPN |
Acronym for Virtual Private Network. |
W |
|
|
Waifu |
Fictional female character who someone has great affection for and potentially considers a signifcant other. |
|
Warez |
Pirated software distributed online and in the darknet. |
|
Whale |
Individuals, institutions and exchanges who have uncommonly large amounts of crypto and the ability to manipulate currency valuations. |
|
Whonix |
A Linux distribution focusing on privacy by running applications anonymosly as all communications go thorugh Tor. |
|
Wikis |
Website that allows registered users to collaboratively write and edit content directly for all users to be able to see. |
|
Worm |
A malicious self-contained program originating on a single computer that searches for computers on the same (or adjacent) network and self-replicates for additional destruction. |
X |
|
|
X |
Slang term for Ecstasy; hallucinogenic and stimulant recreation drug containing 3,4-methylenedioxy-methamphetamine (MDMA). |
|
XMPP |
Acronym for Extensible Messaging and Presence Protocol. An open technology protocol used for communication and collaboration using XML. |
|
XMR |
Acronym for Monero. See: Monero |
|
XSS |
Acronym for Cross Site Scripting. A vulnerability in websites or an application that accepts user input consisting of cybercriminal’s malicious code. |
Z |
|
|
Zero-day |
Also called, 0day, a security design flaw or vulnerability that can be exploited with critical consequence, but cannot be quickly mitigated or patched by the hardware or software vendor. |
|
ZeroNet |
A darknet site that combines trackerless Bittorrent and a blockchain for decentralized persistent website content and user identities with in the network. |
|
Zite |
Websites hosted within the Zeronet decentralized network. |