The emergence of the dark web at the beginning of the 21st century is considered to be one of the most significant developments in the history of the digital revolution. What was initially perceived as an experimental and legitimate response to the increased government control over the Internet in time has become a source of a broad spectrum of computer-related crimes. This was mostly caused by the fact that the Onion Router (TOR), Invisible Internet Project (I2P), Freenet or—more recently—ZeroNet provide users with a set of tools enabling anonymous and safe communication. Cybercriminal underground quickly realized that these technologies substantially facilitate the exchange of illicit goods, services, and content. Effectively, the dark web has become an online communication layer known not for the freedom of speech but rather for popular drug markets, firearm vendors, leaked databases, or illegal pornography.
Unique technical traits of the dark web have also attracted attention from Salafi-jihadist violent extremist organizations (VEOs) that are in constant search of new technologies allowing safer and more persistent communication with their sympathizers and members. They have experimented with this environment for more than a decade. One of the first to do so was al-Qaeda, as its affiliated message boards moved “under the surface” during the War on Terror. However, this trend has become increasingly visible since the advent of the Islamic State’s (IS) campaign, which maintained at least several services in TOR, including the infamous Isdarat. At the time also the popular Shumukh al-Islam message board was available in this environment. Moreover, recent reports suggest that terrorist organizations have also attempted to utilize the potential of the rapidly developing ZeroNet