The database of Daniel\u2019s Hosting, a now-defunct free hosting provider for dark web services, has been leaked online. The leak revealed admin passwords, emails, and other sensitive data that can help find the people behind the dark web sites and services.<\/p>\n
<\/p>\n
According to ZDNet, a hacker going by as KingNull published<\/a> the data stolen from Daniel\u2019s Hosting (DH) on May 31st. Analysts from security firm Under the Breach have found that it included 3,671 emails, 7,205 account passwords, and 8,580 private keys tied to dark web domains.<\/p>\n KingNull reportedly obtained the data after breaching<\/a> the hosting provider\u2019s backend database on March 10th. Back then, the hacker wiped DH\u2019s database killing seven thousand websites and made a copy of the data for themselves. Two weeks after the March breach, Daniel Winzen, the owner of Daniel\u2019s Hosting, shut down the service and warned users that their personal data have been compromised.<\/p>\n Importantly, these data can help trace the owners and operators of the websites in question. This may be unfortunate to some since privacy and lack of censorship are arguably the main benefits of having a dark web domain, which is otherwise just an unfriendly-looking string of characters like 3g2upl4pq6kufc4m.onion.<\/p>\n This is a big problem for operators of illegal websites, but also for the owners of resources that use the dark web to circumvent censorship and political oppression. DH is known to have hosted political opposition websites and a few crypto-forums, but illegal resources weren\u2019t allowed.<\/p>\n “[DH] is a free-time project I do next to my full-time job, and it’s very time consuming to try and keep the server clean from illegal and scammy sites,”<\/i><\/b> Winzen <\/i>wrote<\/i><\/a>.<\/i><\/p><\/blockquote>\n Another problematic consequence of the data leak is that the passwords and emails revealed can be used to break into their owners\u2019 accounts with other services, especially if the same passwords have been used across multiple websites.<\/p>\n After shutting down the hosting service, Daniel Winzen advised former users to move to other free hosting providers. He also posted the download link for his project in case somebody would like to continue his work. There is also a chance that the original creator will launch the service back again, but there isn\u2019t much certainty.<\/p>\n “I’m still planning on relaunching the service at a later time with new features and improvements […] Not having to administrate the services all the time will hopefully give me more time for actual development. However, it may take months before I’m ready to relaunch,\u201d <\/i><\/b>Daniel <\/i>told<\/i><\/a> ZDNet in March.<\/i><\/p><\/blockquote>\n Earlier in May, hackers stole<\/a> the paid subscribers database from a crypto-media outlet The Block. The database was obtained after a phishing attack targeting The Block\u2019s co-founder and CTO Jake McGraw. The leak included data on users who paid more than $1000 to view paid content. The adversaries supposedly aimed to use the information to find and target cryptocurrency holders. The leaked database was reportedly sold<\/a> for $5000.<\/p>\n Disclaimer: <\/i><\/b>This piece is meant to educate and inform. Forklog.media does not encourage the use of dark web services for illegal activities<\/i>.<\/p>\n Follow us on\u00a0<\/b>Twitter<\/b><\/a>\u00a0and\u00a0<\/b>Facebook<\/b><\/a>\u00a0and join our\u00a0<\/b>Telegram channel<\/b><\/a>\u00a0to know what\u2019s up with crypto and why it\u2019s important.<\/b><\/p>\n","protected":false},"excerpt":{"rendered":" The database of Daniel\u2019s Hosting, a now-defunct free hosting provider for dark web services, has been leaked online. The leak revealed admin passwords, emails, and other sensitive data that can help find the people behind the dark web sites and services.<\/p>\n","protected":false},"author":6,"featured_media":8931,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"human_written","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1111,1117,43],"class_list":["post-8929","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity","tag-dark-web","tag-hackers"],"aioseo_notices":[],"amp_enabled":true,"views":"749","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/8929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=8929"}],"version-history":[{"count":3,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/8929\/revisions"}],"predecessor-version":[{"id":8934,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/8929\/revisions\/8934"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/8931"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=8929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=8929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=8929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}