From where databases are taken in the darknet

Data from attackers most often appear as a result of hacking databases or actions of insiders (for example, draining from employees of banks or telecom operators), argues Galov from Kaspersky Lab. Then such data is posted on specialized forums in the form of ads for sale or sold to resellers.

The end user has almost no way to counteract the leakage of data about himself from any resource

Be it a social network or a taxi service, noted Dvoryansky from Angara Security. “Therefore, we can proceed from the assumption that the data has already leaked, and periodically check your accounts in publicly available leak databases,” he suggests.

By itself, visiting the darknet is not considered an offense, however, for example, when buying prohibited goods, the user will be liable under the law. Participants remain anonymous due to the organization of the sites (they do not store logs, do not respond to requests from law enforcement agencies, complicate their own infrastructure for reasons of secrecy) and the caution of users who turn on VPN, do not specify personal data, etc., says Kolmakov from Group-IB.