The hacker responsible for the second breach of the Dark Web's largest hosting provider leaked its database. According to ZDNet's latest report, the database of Daniel's Hosting (DH), the largest free web hosting provider for dark web services, was leaked by a cyber attacker on Sunday, May 31.
Also Read: Minnesota Riot: Facebook Defends Trump's Posts on George Floyd's Death; Drone Sent to Minnesota Returns Quickly to Base
Daniel Winzen, owner of DH, confirmed that the hacker breached his portal, stole its database and wiped all servers on March 10. Daniel's Hosting shut down its service for good on March 26, two weeks after the incident. The decision of DH pushed other users of the dark web to move their sites to a new hosting provider.
Also Read: [HACKER] Super-CyberAttacker Who Stole 1 Million Private Data Exposed After a Facebook Mistake: Here's How He Got Caught
After DH's shutdown, almost 7,600 websites followed the hosting provider; that is a third of all dark web portals. The hacker going by the name of "KingNull" released a copy of the stolen database of DH on a file-hosting portal on Sunday, March 31.
The leaked data included 7,205 account passwords, 3,671 email addresses, and 8,580 private keys for onion (dark web) domains, according to a cursory analysis of the data dump.
"The leaked database contains sensitive information on the owners and users of several thousand darknet domains," said the threat intelligence firm Under the Breach.
Largest hosting provider of dark web breached for the second time; Provider's database was leaked and 7,600 sites were down
According to a previous report of ZDNet, DH shut down 7,600 sites after getting hacked for the second time in 16 months. Winzen said that the hosting-related databases were deleted after the hacker accessed the backend of DH. The report also stated that the hacker created a new account for future operations after deleting Winzen's database account. Meanwhile, Daniel Winzen said that the dark web hosting service will remain down until further notice.
"This is a free-time project I do next to my full-time job, and it's very time consuming to try and keep the server clean from illegal and scammy sites," explained Winzen. "I spend 10 times more time on deleting accounts than I can find time to continue development. At this time I do not plan on continuing the hosting project."
Under the Breach said that the hacker can use the leaked data to tie the owner's stolen email addresses to certain dark web portals. It was also explained that if the users continued to use the old password, hackers could still take over their new accounts by cracking the leaked DH hashed passwords even if they moved their dark web portals to new hosting providers.