Daniel’s Hosting, one of the largest hosting service providers on Dark Web has come under a massive cyber attack forcing its website along with over 6,500 websites hosted on its server to go offline but the damage is way more than that.
The hosting administrator, a German software developer Daniel Winzen has acknowledged the attack and stated on the company’s website that the hack took place on November 15th after hacker(s) found a critical vulnerability and deleted all the data from the server.
“The account “root” has been deleted,” wrote Winzen. “To this day around 6500 Hidden Services were hosted on the server and there is no way to recover from this breach, all data is gone.”
Although it is unclear what type of vulnerability was exploited Winzen noted that hackers gained root access via phpMyAdmin and used it to delete everything on the database. “I might re-enable the service once the vulnerability has been found, but right now I first need to find it,” explained Winzen.
Daniel’s Hosting is known for hosting a variety of Hidden Services on Dark Web including politics, malware boards, and even cybercrime related platforms. However, there has been no word on who could be the culprit and why this specific hosting was targeted. Winzen, on the other hand, is urging hackers and IT security researchers to help him identify the vulnerability.
This is not the first time that a Dark Web hosting provider has come under such a massive cyber attack. In February 2017, the online hacktivist group Anonymous hacked Freedom Hosting II, (that was largest hosting firm on Dark Web at that time) and shut down 11,000 or nearly 20% of all Dark Web websites running child pornography.
Moreover, Anonymous also leaked a majority of data from Freedom Hosting II, which included over 380,000 user records. In March 2017, a report revealed that after the cyber-attack on Freedom Hosting II, the number of hidden services on the Dark Web was lowered significantly.