Show vulnerabilities with patch / with exploit
26 March 2020

Popular dark web hosting provider shuts down after second hack


Popular dark web hosting provider shuts down after second hack

Daniel’s Hosting (DH), the largest free web hosting provider for dark web services, went out of business after being hacked for the second time in 16 months, ZDNet reports.

Nearly 7,600 dark web sites have been taken offline following the attack, during which an entire database was deleted from the web host portal by an attacker.

According to Daniel Winzen, the founder of DH service, the incident transpired earlier this month, March 10, at about 03:30 am UTC. An attacker has deleted all hosting-related databases on the hosting website following the compromise. Later, the attacker deleted Daniel Hosting's database account and created a new one for future use.

Winzen said he discovered the attack next morning, but by that time most of the data had been already lost. Winzen is still unaware of how the hack happened or which hacker group is behind it. However, since he treats the hosting service as a part-time hobby, he decided not to move forward with further investigation.

Winzen also said that the hack only affected the DH backend database account, but not the accounts of users who had been hosting sites on the DH hosting platform. However, he recommended users to treat the passwords as “leaked” and change them if they used the same password for other accounts.

For now, the DH’s operator has no intention of continuing with the hosting project. Instead, he has plans to relaunch the service at a later date with more features and improvements.

This is not the first time when Daniel’s Hosting had fallen victim to a breach. In November 2018, a hacker similarly breached the site's backend database server and deleted all sites. More than 6,500 websites went offline at the time.

Back to the list

Latest Posts

Vulnerability summary for the week: March 27, 2020

Vulnerability summary for the week: March 27, 2020

Weekly vulnerability digest.
27 March 2020
Unpatched iOS bug prevents VPN apps from encrypting all traffic

Unpatched iOS bug prevents VPN apps from encrypting all traffic

Affected versions of iOS fail to close existing internet connections when a user connects to a VPN.
27 March 2020
Rare BadUSB attack detected in the wild

Rare BadUSB attack detected in the wild

This case is a perfect example of how simple social engineering, a Best Buy gift card, and an BadUSB device could be used to compromise a company.
27 March 2020