Home » Featured » Major Darknet Host Hacked, Data Exfiltrated
Click Here To Hide Tor

Major Darknet Host Hacked, Data Exfiltrated

 

Deep Hosting, a major darknet host on the Tor network, was hacked recently and data from some of the hidden sites and linked databases hosted on the server were exfiltrated. A hacker named Dhostpwned was able to take over the Deep Hosting servers by using a PHP shell and a Perl shell. The hacker registered for a shared hosting account on Deep Hosting and then uploaded the PHP shell and the Perl shell.

Deep Hosting has determined that the hacker was unsuccessful in executing the Perl shell, but was successful in executing the PHP shell. “A large part of the PHP shell is unusable since a certain number of functions are blocked on the shared servers but one function was not blocked. The attacker was able to access the server and execute a command with limited rights,” Deep Hosting announced on a page on their wiki. A day went by before the administrators of Deep Hosting realized the hack was occurring on their server. Once Deep Hosting realized they had been hacked and found the source of it, they changed passwords for all FTP and SQL services for all Deep Hosting user accounts.

Dhostpwned told Bleeping Computer that he had stolen 91 hidden sites from Deep Hosting’s servers. A majority of those 91 hidden sites are currently down, having gone offline when Deep Hosting changed passwords for all SQL services. Among the 91 hidden sites that were affected by, and knocked offline by, the hack included hacking forums, drug marketplaces, carding markets, and malware repos. Dhostpwned also told Bleeping Computer that Deep Hosting’s shared hosting services had appalling security.

One of the 91 hidden sites to go down from the hack was the MNG darknet market. The MNG market hosts listings for a variety of illicit products. MNG market used a Virtual Private Server (VPS) hosted by Deep Hosting. According to Dhostpwned, the administrators of MNG market had forgotten to change the default password for their VPS box. The hacker uploaded a text file named kek.txt, the contents of which said “gg -deephosting security is shit”. Not long after the hacker posted the text file taunting Deep Host and their poor security, that server also went down. Dhostpwned claimed that he “accidentally” wiped the master boot record for MNG market’s server.

Dhostpwned has not released a dump of any of Deep Hosting’s files, nor of the files of Deep Hosting’s users. The hacker claims he has no intentions of releasing a dump in the future either. This of course is not the first time a major darknet hidden services host has been hacked and taking down a large number of hidden sites. In 2011 hackers took down Freedom Hosting, and in 2013 a group of hackers associated with the hacker group Anonymous took down Freedom Hosting II. The hacking of Freedom Hosting II brought down what at the time was 15-20% of all of the hidden sites hosted on the Tor network.

The Anonymous hackers claimed that over half of the sites being hosted by Freedom Hosting II were serving child pornography, despite Freedom Hosting II proclaimed policy of having zero tolerance for child pornography. The hackers released a torrent of a database dump from Freedom Hosting II. The hackers believe that Freedom Hosting II was being run by one person. The hackers who took down Freedom Hosting II also believe that one person also was well aware of the child pornography being hosted on their servers, since many of the sites hosting child pornography exceeded the quota of disk space for free hosting, and would have been from paid hosting accounts.

Below is a list of the 91 hidden sites affected by the Deep Hosting hack:

23mg64vxd2t6kurv.onion.market

27msssu6jaqhuk6m.onion.market

33qvlt5je5kif3jq.onion.market

3kqpypputjn2dhpp.onion.market

5ehtvrvuf2ef5h4h.onion.market

5xwgogyjnfcvrmvj.onion.market

654krjf5q6iupjot.onion.market

66xflun3ot54h6re.onion.market

6ccxadxrr4g3qm7d.onion.market

acteamwneyw3ik2w.onion.market

alphaor4wguil6wo.onion.market

anpbcfvqjg2txyw4.onion.market

aom6u55durkqpwaz.onion.market

assassinuyy7h425.onion.market

azo3mftev62hfckw.onion.market

azvjv2ji2ucukemz.onion.market

b6kbmmeh5qivsr47.onion.market

bzp2k3z63s4js3mo.onion.market

c7wgwx7zlmqntrm5.onion.market

cardobgwrjlzzqfl.onion.market

cbossftu5bjk5nx6.onion.market

ccguruetr5jwye5g.onion.market

cd2bkzxjx7vq3gxc.onion.market

cerberxypcgoxiw5.onion.market

clonedxpjlq5764s.onion.market

dc5clejbfoaxcqbk.onion.market

dhostov5qbwwyhcw.onion.market

dhwikikgqceifior.onion.market

dpanely75rdnw7yv.onion.market

dxke6tzygtgqvb6a.onion.market

e5nocpxm3rccdjeq.onion.market

e6wdnr4mcrzzefkt.onion.market

eurx66uednuvulfh.onion.market

feap5rllvmqi7lka.onion.market

g3n3bnjwhwokjco7.onion.market

g6ipitbghd6qutma.onion.market

gadmai6ebvzji6v6.onion.market

gbpoundzv2ot73eh.onion.market

gdbvx3pywrphpd5a.onion.market

hwikikijkk5g6acr.onion.market

iacwsvpfd4q43oer.onion.market

icloud4ho7bmn662.onion.market

imlz5jkbdcgl2c7s.onion.market

ji4qnwqney7siu2r.onion.market

jqcpeb5d77npwgyi.onion.market

k6sblsjcsgqpeym7.onion.market

kshdh4ipnl62xu2i.onion.market

lxhbgl43362zhmoc.onion.market

lxtrcj4uf3kxdhth.onion.market

mngmt4bouza7mobn.onion.market

mpt374ndlhhaxcsd.onion.market

mxs3tmyprhbne25m.onion.market

mz252nufkj42unlf.onion.market

n7gaof3th7hbktct.onion.market

nddgne7tasavd65z.onion.market

nfi3plp7famvohxm.onion.market

openwikicra5e6y2.onion.market

pacho2llwjm3c7ko.onion.market

q7ozu2gu7xt74gxk.onion.market

qyhaps2d7mzwwund.onion.market

rampshqaygkfwphb.onion.market

rj3herig755gboy5.onion.market

rothminhoy6dq45c.onion.market

scant2tnmpah5uao.onion.market

sholq4wfbybbzvj7.onion.market

shops64lgjykjrkp.onion.market

sux4lbtmxux5ou4f.onion.market

teekvknyeypyzpst.onion.market

teranovif5tsxdb6.onion.market

terrafmx663yli7u.onion.market

tgfc3mn2c6m6zga5.onion.market

tnmarkyzsx7xfbdg.onion.market

torwikica2juwzcg.onion.market

trinixy73gm6z4fq.onion.market

twiljiy37asd3t24.onion.market

ucdanzi5vdstr2gl.onion.market

unoppqar7cy3zvux.onion.market

vkzw2vhqqt7vvirr.onion.market

vn4bhyvlquetya7e.onion.market

vzpqzsukomqmlocz.onion.market

warezj5fngb44vn5.onion.market

webde3vkni6mhr3v.onion.market

xigjkusfkt2zvcvn.onion.market

xosnp3buimehxvma.onion.market

xwl45tkgnd7dv5ta.onion.market

y4rxzpod66bxgr4q.onion.market

zaoklnavsgzaxhf4.onion.market

zerodwbjcejayq7v.onion.market

zhqwte56j3xbnzdu.onion.market

zi5ivi3ufa7ijqys.onion.market

zoyel6xobic62353.onion.market

3 comments

  1. Good thing?!

    The addresses, look like scam sites.
    #FUCKscammers

  2. I see ramp among them

  3. M.N.G it’s very good market

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *