Daniels Hosting, one of the largest hosting providers Dark Web, was breached by hackers this week.
The hack took place on Thursday, 15, according to Daniel Winzen, the hosting programmer.
“According to my analysis it appears that someone managed to access the base data and has deleted all accounts," it says on DH portal.
Winzen also mentions that o account root του server έχει διαγραφεί, μαζί με 6.500+ υπηρεσίες του Dark Web που φιλοξενούνταν στην platform.
"Unfortunately, all data was lost and by design, it doesn't exist copies security," said Winzen. “I will return hosting once the vulnerability is identified and fixed.”
I will make a full analysis of the log files, but based on my findings so far, I believe that the hacker was able to acquire database management rights. There is no indication that it had full access to the system and some accounts and files that were not part of the hosting remained intact.
I could reactivate the service once the vulnerability is found but first I have to find it.
So in the last two days, Winzen looks at potential vulnerabilities that the hacker used to access Daniels Hosting's hosting server.
At the moment, he detected a defect, a PHP 0Day. Details of this vulnerability were known for about a month only in the PHP programming cycles, and appeared to be released publicly on 14 November, one day before hack.
Winzen, however, does not believe he is the hacker's real entry point:
It is a vulnerability reported as a possible entry point by a user. However, I would find it unlikely to have been the real entry point, as the configuration files containing access details in the database were read only for the right users. This vulnerability did not give the necessary rights.
The German developer said that the hack could be "an opportunity to improve on some of the bad design choices of the past and start with a new improved service, which I will probably launch in December.
Note that after hacking at Freedom Hosting II, a popular Dark Web hosting provider in February of 2017, Daniels Hosting became the largest hosting provider on Dark Web.
Hack may have facilitated the fact that the Daniels Hosting source code was always open to GitHub and so could anyone read it and explore it.
_________________
- Illegal pricelists in Dark Web: Offers of illegality
- Revocation of Eric Schmidt from Chairman to Alphabet
- Windows 10 download the upcoming Wallpaper