In a classing case of hacker breaking into another hacking service, a cybercriminal has leaked online the database of the largest free web-hosting provider for Dark Web services that contains email addresses, site admin passwords, and .onion domain private keys.
The hacker going by the name of KingNull breached Daniel’s Hosting (DH), stole the database, and then wiped all servers, reports ZDNet. Around 7,600 websites, a third of all Dark Web portals, went down after the hacking.
DH has shut down its service, urging users to move their sites to new dark web hosting providers.
“The hacker uploaded a copy of DH’s stolen database on a file-hosting portal and notified ZDNet”.
The leaked data includes 3,671 email addresses, 7,205 account passwords, and 8,580 private keys for .onion (Dark Web) domains.
The data dump can be used to tie the owners of leaked email addresses to certain dark web portals.
“This information could substantially help law enforcement track the individuals running or taking part in illegal activities on these darknet sites,” said Under the Breach which is a data breach monitoring and prevention service.
The hack was the second time that DH suffered a security breach. The site had been previously hacked in November 2018.
In 2017, the same Anonymous hacker took down Freedom Hosting II after discovering that the hosting provider was sheltering child abuse portals, said the report.