This .Onion Farmer Is Squatting on 40 Million Dark Web Domains
One entrepreneurial user is creating 'readable' Tor hidden service domains.
The .onion domain site. Image: author
It's always pioneers that have shot at making the cash. It happened with early adopters of Bitcoin, and now, on a slightly lesser scale, someone is trying to cash in on Tor hidden service addresses, by selling the keys to tens of millions of pre-generated dark web domains.
Typically, Tor hidden service addresses are just 16 characters of gibberish, followed by the .onion suffix. But it's possible to generate a so-called "vanity" address, which contains a specific word or couple of terms. Plenty of the dark web drug markets do this, usually with the name of the market featured predominantly at the start of the domain name.
The domains are sold through a site called, rather unsurprisingly, "Onion Domains For Sale." They include prophetic terms, such as "iphonev7." Others imply what sort of content they might be used to host, like "shysexy4me," and some are just downright bizarre, such as "senorlunehorrors."
When generating .onion domains, you can't simply choose whatever address you'd like. Instead, it requires more and more computing power to create ones with increasingly specific characters, so it appears that the creator is churning through as many as he can, and then stockpiling all the decent ones he gets. In all, the site's creator claims to have 40 million different .onion domains for sale.
"I just felt it may be a service," the creator, who goes by the name Eros Eroy Modzincy, told Motherboard in an email.
Modzincy is generating a number of these addresses in advance, with the hope that someone, somewhere, will want to buy one. In a way, it can be compared to domain squatting: when someone purchases a domain in anticipation that a company or individual will want to use it themselves later on, and have to buy it from them.
Last week, the Internet Assigned Numbers Authority (IANA)—a department of the Internet Corporation for Assigned Names and Numbers (ICANN)—as well as the Internet Engineering Task Force (IETF), designated the .onion domain as a "Special Use Domain," formally legitimizing its use.
When broken down from the original 40 million figure of domains, not all of them might be desirable, however. 197 thousand of the domains have 16 "readable" characters, meaning that the 16 characters make up at least a few cogent terms, rather than seemingly random letters. There are also 2.9 million and 20 million domains for those with 15 and 14 readable characters respectively.
But there is a security concern that any potential customer should seriously consider. When someone generates a .onion domain, they also create the corresponding private key, which asserts their ownership over the domain. When hidden service domains are created, rather than having an authority keep track of who owns what, the domain is instead owned by whoever possesses the matching key. Naturally, even though Modzincy says he will delete his own copy of the key, there's every chance he might not.
"The problem with the service is that it fully relies on trusting the party selling the key to securely delete it and have no other copies," Thomas White, a Tor hidden service developer, told Motherboard over encrypted chat.
Armed with this key, an attacker could potentially mess around with your site. Indeed, Modzincy redirects traffic from several of the domains he has generated to his advertising site, to show that he does own them, and he also acknowledged that the customer has to simply trust him to delete the key. But if you're running an illegal business on the dark web, such as, say, a weapons market, buying your domain from Modzincy might not be the best idea.
Even if Modzincy's business doesn't take off, it might serve as a piece of inspiration for future dark web projects. Fancy buying some shoes from "udoheels4great5d.onion" anyone?