The largest free web hosting provider for dark web services has been hacked.
Daniel’s Hosting was hacked in March this year, and its database was subsequently leaked online. Apparently, a hacker known as KingNull not only breached the portal and stole its database, but also wiped all servers.
Daniel’s Hosting Hack Leads to Permanent Shutdown
As a result of these unfortunate events, Daniel Winzen, the owner of the dark web hosting had to shut down his service permanently. Users of Daniel’s Hosting were pressed to move their websites to other dark web hosting providers. This means that some 7,600 websites went down after the shutdown of Daniel’s Hosting, which makes approximately a third of all dark web portals.
Since ZDNet was the first to report the March hack of Daniel’s Hosting, the hacker currently uploaded a copy of the stolen database, and notified the media about it. An analysis of the data dump shows that 3,671 email addresses were leaked, including 7,205 account passwords, and 8,580 private keys for .onion (dark web) domains, ZDNet reported.
Privacy experts point out that the leaked details are quite sensitive, and can be used to link the owners of the email addresses to specific dark web portals. Furthermore, the information could even help law enforcement track individuals running or taking part in illegal activities.
If the site owners moved their sites to new dark web hosting providers without changing their old passwords, hackers could take over their accounts. The latter would be possible if hackers crack the leaked DH hashed passwords.
There’s another side to this story. The leaked data could endanger the owners of dissident and political sites which were also hosted on Daniel’s Hosting. The data breach could expose their identities, and put individuals at risk of oppressive regimes.
This is not the first time Daniel’s Hosting gets hacked. The dark web hosting was also hacked in November 2018, when someone got access to the database and deleted all the accounts, including the server’s root account.
The impact of the hack was quite serious, as all of the Dark Web services hosted there were gone. The number of lost services was bigger than 6,500, and because of the design, there were no available backups.