Daniels Hosting, one of the largest Dark Web hosting providers, was hacked by hackers this week.
The hack took place on Thursday, 15, according to Daniel Winzen, the hosting programmer.
"According to my analysis, it seems that someone has managed to access the database and has deleted all the accounts," he said. DH portal.
Winzen also reports that the server's root account has been deleted, along with 6.500 + Dark Web services hosted on the platform.
"Unfortunately, all the data was lost and by design, there are no backups," Winzen said. "I will return the hospitality as soon as the vulnerability is identified and corrected."
I will make a full analysis of the log files, but based on my findings so far, I believe that the hacker was able to acquire database management rights. There is no indication that it had full access to the system and some accounts and files that were not part of the hosting remained intact.
I could reactivate the service once the vulnerability is found but first I have to find it.
So in the last two days, Winzen looks at potential vulnerabilities that the hacker used to access Daniels Hosting's hosting server.
At the moment, he detected a defect, a PHP 0Day. Details of this vulnerability were known for about a month only in the PHP programming cycles, and appeared to be released publicly on 14 November, one day before hack.
Winzen, however, does not believe he is the hacker's real entry point:
It is a vulnerability reported as a possible entry point by a user. However, I would find it unlikely to have been the real entry point, as the configuration files containing access details in the database were read only for the right users. This vulnerability did not give the necessary rights.
The German developer said that the hack could be "an opportunity to improve on some of the bad design choices of the past and start with a new improved service, which I will probably launch in December.
Note that after hacking at Freedom Hosting II, a popular Dark Web hosting provider in February of 2017, Daniels Hosting became the largest hosting provider on Dark Web.
Hack may have facilitated the fact that the Daniels Hosting source code was always open to GitHub and so could anyone read it and explore it.