ZDNet reported that one of the largest hosting services on the darknet, Daniel’s Hosting (DH), was hacked on the night of March 10, 2020. Unknowns gained access to the DH backend and deleted all hosting-related databases, as well as the owner’s account.
DH developer Daniel Winzen said in a blog post that he only discovered a hack in the morning when it was too late to save anything. The fact is that the hosting intentionally did not have backups. Winsen told reporters that he has yet to figure out how the cracker got into the backend. He writes that he is now focused on other projects and everyday affairs, and DH is more of a hobby, so he does not plan to spend too much time on the investigation.
The creator of Daniel’s Hosting emphasizes that the hacking did not affect the user accounts that hosted their resources on DH, but nevertheless advises to consider what happened as a data leak and recommends that former customers change passwords (if they use the same combination of credentials for different resources).
According to the developer, in the foreseeable future, DH is unlikely to work again.
“I do this project in my free time, along with the main work, and spend a lot of time keeping the server clean from illegal and fraudulent sites. I spend ten times more time deleting accounts than I could find to continue development. At this stage, I do not plan to continue this hosting project, ”says Winsen.
At the same time, the developer assures that, in general, he would like to restart the service with new features and improvements so that he no longer had to spend all his free time on administration. However, this is unlikely to happen in the coming months.
Winsen notes that users who need free dragnet hosting can use the services of other similar providers, such as Freedom Hosting Reloaded, Ablative Hosting, OneHost or IBHost.
Interestingly, this is the second major hack of DH in the past year and a half. So, at the end of 2018, hosting was attacked in the same way, and unknown attackers managed to gain access to the database and simply delete all accounts, including the server root account. Then more than 6,500 sites went offline (since there were no backups either).