Posted on 06-02-2020.
The database of Daniel’s Hosting, a now-defunct free hosting provider for dark web services, has been leaked online. The leak revealed admin passwords, emails, and other sensitive data that can help find the people behind the dark web sites and services. According to ZDNet, a hacker going by as KingNull published the data stolen from Daniel’s Hosting (DH) on May 31st. Analysts from security firm Under the Breach have found that it included 3,671 emails, 7,205 account passwords, and 8,580 private keys tied to dark web domains. KingNull reportedly obtained the data after breaching the hosting provider’s backend database on March 10th. Back then, the hacker wiped DH’s database killing seven thousand websites and made a copy of the data for themselves. Two weeks after the March breach, Daniel Winzen, the owner of Daniel’s Hosting, shut down the service and warned users that their personal data have been compromised. Importantly, these data can help trace the owners and operators of the websites in question. This may be unfortunate to some since privacy and lack of censorship are arguably the main benefits of having a dark web domain, which is otherwise just an unfriendly-looking string of characters like 3g2upl4pq6kufc4m.onion. This is a big problem for operators of illegal websites, but also for the owners of resources that use the dark web to circumvent censorship and political oppression. DH is known to have hosted political opposition websites and a few crypto-forums, but illegal resources weren’t allowed.
"[DH] is a free-time project I do next to my full-time job, and it's very time consuming to try and keep the server clean from illegal and scammy sites," Winzen wrote.Another problematic consequence of the data leak is that the passwords and emails revealed can be used to break into their owners’ accounts with other services, especially if the same passwords have been used across multiple websites. After shutting down the hosting service, Daniel Winzen advised former users to move to other free hosting providers. He also posted the download link for his project in case somebody would like to continue his work. There is also a chance that the original creator will launch the service back again, but there isn’t much certainty.
"I'm still planning on relaunching the service at a later time with new features and improvements [...] Not having to administrate the services all the time will hopefully give me more time for actual development. However, it may take months before I'm ready to relaunch,” Daniel told ZDNet in March.Earlier in May, hackers stole the paid subscribers database from a crypto-media outlet The Block. The database was obtained after a phishing attack targeting The Block’s co-founder and CTO Jake McGraw. The leak included data on users who paid more than $1000 to view paid content. The adversaries supposedly aimed to use the information to find and target cryptocurrency holders. The leaked database was reportedly sold for $5000. Disclaimer: This piece is meant to educate and inform. Forklog.media does not encourage the use of dark web services for illegal activities. Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.