A massive breach affected 6,500 dark web websites last week. Unknown attackers compromised Daniel’s Hosting, one of the biggest hosting services on the dark web, and completely wiped out the server’s root account. All of the data is lost, and there are no backups available to restore the websites.
Daniel’s Hosting operator Daniel Winzen, a software developer by profession, said: "As per my analysis it seems someone got access to the database and deleted all accounts. Unfortunately, all data is lost, and per design, there are no backups. I will bring my hosting back up once the vulnerability has been identified and fixed."
With the vulnerability affecting Daniel’s Hosting currently unknown, there is no word on when the hosting service will be back up. So far, only one PHP zero-day vulnerability has been identified. The details of the possible vulnerability have been known in the Russian PHP programming community for about a month.
The PHP vulnerability was reported to be a point of entry for attackers, and Daniel’s Hosting was, in fact, vulnerable to it. However, Winzen feels it is unlikely to have been the entry point, as the attackers used the configuration files in the hosting service’s database to break in. The operator has promised more updates as he continues to investigate the break-in. Daniel’s Hosting is likely to return with improvements to some of the service’s bad design choices, and an all-new setup is expected sometime in December.
This is not the first time a dark web hosting service has been affected. Prior to Daniel’s Hosting being attacked, Freedom Hosting II suffered a massive attack, which led to Daniel’s Hosting becoming the number one hosting provider on the dark web in February 2017.