Security Experts:

Connect with us

Hi, what are you looking for?



Meet Kilos, a New Search Engine for the Dark Web

Kilos is a new dark web search engine that goes where Google doesn’t. It was first announced by its developer on Reddit on November 15, 2019: “Introducing Kilos, a new search engine for the darknet markets.”

Kilos is a new dark web search engine that goes where Google doesn’t. It was first announced by its developer on Reddit on November 15, 2019: “Introducing Kilos, a new search engine for the darknet markets.”

Etay Maor, CSO at deep web threat intelligence firm IntSights, has taken a close look  at Kilos. It is not the first nor the only facility for searching across dark web sites, with other services like Torch and TorLinks — but it offers extensive filtering capabilities for locating specific products from within numerous dark markets.

Kilos seems to have evolved out of an earlier deep web search engine, known as Grams. “Both clearly attempt to mimic the Google aesthetic, and they are both named after weight measurement units,” writes Maor. “However, this is where the resemblance between the two ends. Kilos has taken the search concept one step further to include forums, in addition to black markets.” It isn’t clear whether the same developers are involved, or whether Kilos is competing with Grams to be more heavyweight.

Kilos dark web search engineKilos works by searching through multiple dark web markets for specified products. The visitor enters the required product or service, and the query is run through different markets and forums. “The interface is more advanced than other search facilities, with strong filtering options,” comments Maor. “For example, you can say ‘I only want to deal with people who can deal in Bitcoin, Litecoin or Monero — or can deliver to a particular country.”

It is already proving popular. Earlier this month, it claimed to be indexing 427,150 forum posts, 48,437 listings, and 1,993 vendors. At the time of IntSight’s investigation, it claimed to “have served 15,437 search queries since 10, Nov, 2019.”

The filtering capabilities are closely aligned with the filtering found in individual markets — suggesting that both leading markets and Kilos itself may be using the same filter engine. Kilos allows the user to search multiple markets at once without requiring pre-existing accounts with each market. When the right product is found and the choice is made, the user only needs to establish one market account to fulfill the order.

“But beware,” warns Maor. “When I set accounts with lower grade markets using a false email, I immediately had a warning that someone had tried to access my email account. Clearly, the market admins were using the password I set for the market to see if they could get into my email. There is no honor among thieves.”

One interesting aspect of Kilos is the provision of top search lists for the latest week. “The current list is dominated by drugs — which remains the main cause of dark web usage,” said Maor, “but lower down the list was evidence of searches for ‘gun’, ‘passport’ and ‘bank drop’ (that is, card details). Kilos helps locate the target. The user then simply has to join the market concerned to make the purchase.”

This raises the question of whether law enforcement could itself benefit from the existence of Kilos. “Everything that happens here to the benefit of the criminals could potentially benefit law enforcement,” said Maor. “For example, a jump in top-rated searches within a specific timeframe would indicate potential criminal interest — this could be relevant to new types of malware being promoted in forums. Knowing where products of interest are being sold could help investigations into the specific vendors, while the potential for correlating cryptocurrency movements might provide further insights.” The large agencies will already have their agents within the markets and forums — but the search engine might help aggregate the information they collect and make things a little easier.

One thing not currently clear is how Kilos will be funded. It is possible that it could take a small amount from the markets for promoting them. But it will almost certainly be through advertising from the sellers. A note on the home page is currently offering a free promotional advertising credit for vendors.

“The emergence of Kilos,” Maor told SecurityWeek, “demonstrates that the market economy in the dark web is still vital. While some criminals are moving to P2P to better hide from law enforcement, it is not a mass migration. Advanced sellers that know their buyers will use P2P; the rest will probably not. The advantage of vendor reviews and trust building within the markets will not be easily abandoned. Where there is no trust (if the buyer and seller don’t know each other) then markets can and do offer escrow services. Both the money and the product are placed in escrow, perhaps with the market’s admins, who fulfil the deal for a small charge.”

Related: Study Finds Rampant Sale of SSL/TLS Certificates on Dark Web 

Related: Keeping it on the Down Low on the Dark Web 

Related: 21 Million Stolen Fortune 500 Credentials For Sale on Dark Web 

Related: How to Evaluate Threat Intelligence Vendors That Cover the Deep & Dark Web

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...