Blackout On The Dark Web

Uploaded on 2019-01-14 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Hackers have deleted more than 6,500 sites being held on a popular dark web server. Called Daniel's Hosting, the site was sitting on the hidden Tor network and many people used it to host pages they did not want to publish on the wider web.

Administrator Daniel Winzen said no back-ups were kept of the pages it hosted. He said the site should be back in service in December.
 
"Around 6,500 hidden services were hosted on the server," wrote Mr Winzen in a message put on the welcome page of the web companion to the site. "There is no way to recover from this breach, all data is gone."

Tor, or The Onion Router, is a way of organising web-like pages so it is hard to work out where the information is located and who is running them. Web pages sited on the Tor network get an a.onion suffix. The Tor browser also lets people browse the web in a way that conceals their location and obscures their identity. 

Daniel's Hosting became one of the most popular sites for, a.onion site owners, after the previously biggest host went offline in early 2017.

Daniel's hosted a very wide variety of material including fan fiction, political tracts, philosophy books, porn, hacked files, videos, web marketplaces, crypto-cash forums and places where whistleblowers could leave documents. Mr Winzen told the BBC that he was still trying to work out how hackers had accessed the site on 15 November, when all the data was deleted.

"As of now, I haven't found the vulnerability," he said.

The prime candidate is a newly discovered vulnerability in PHP, a computer scripting language used for website development, that was being circulated in some hacker circles shortly before Danwin was attacked. However, Mr Winzen told ZDNet that he was not sure that this was the route the hackers took to gain access. When the site returns, he said he would take the chance to change "some bad design choices of the past" and improve how it runs.

It is also not clear who broke into Daniel's Hosting or why the data was deleted. The Anonymous hacking collective has been behind takedowns of other dark web hosts but, so far, there is no sign of that group's involvement in this attack.

BBC:

You Might Also Read:

Dark Web Dealers Voluntarily Ban Deadly Fentanyl:

 
« UK Launches Long-Awaited Cyber Skills Strategy
Russia Supported Trump Election Campaign »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

Japan Information Security Audit Association (JASA)

Japan Information Security Audit Association (JASA)

JASA is non-profit association active in developing and managing the quality of Information Security Auditing and Auditors in Japan.

Qatar Computing Research Institute (QCRI)

Qatar Computing Research Institute (QCRI)

QCRI perform cutting-edge research in such areas as Arabic language technologies, social computing, data analytics, distributed systems, cyber security and computational science and engineering.

ShadowDragon

ShadowDragon

ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies.

achelos

achelos

achelos is an independent software development company providing innovative technical solutions for micro-processor chips / security chips and embedded systems in security-critical application fields.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

Ridge Global

Ridge Global

Ridge Global works with C-suite executives and corporate directors to build more resilient organizations through innovative preparedness, protection, response and education capabilities.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Gradient Cyber

Gradient Cyber

Gradient Cyber is a trusted cybersecurity partner specializing in small businesses and mid-market enterprises concerned about cybersecurity but lacking the staff to give it the attention it deserves.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

Twinstate Technologies

Twinstate Technologies

Twinstate Technologies specializes in cybersecurity, proactive IT, and hosted and on-premise voice solutions.