Dark web hosting service hacked, data stolen
Deep Hosting, a dark web hosting service, has admitted that it suffered a security breach.
The attack was carried out on Saturday afternoon by a hacker calling himself Dhostpwned. The hacker used a PHP shell to take over privileges on the hosting provider's server.
According to the Deep Hosting wiki page, the incident began when the hacker registered a shared hosting account on the site and used it to upload two shells to the server, one written in PHP and one written in Perl. Deep Hosting investigated after the attack and found that the attacker did not execute the Perl shell, while the PHP shell worked normally.
'A majority of PHP shells are unusable because some functions are blocked on the shared server but there is a function that is not blocked,' Deep Hosting writes on the wiki page providing details about this security incident. 'An attacker can access the server and execute commands with certain permissions.'
According to the investigation timeline (below), Deep Hosting took nearly a day to understand what was happening, find the point of compromise, and change the FTP and SQL passwords for all user accounts. 'We believe some pages have been exported,' Deep Hosting said, 'this is possible because the connection database has been restored.'
It took Deep Hosting nearly a day to detect and resolve the incident
- July 8, 2017 at 3:37 pm (GMT 0): An attacker subscribes to shared hosting. It uploads two files, a PHP shell and a Perl shell. The Perl shell could not be executed on the server, but the PHP shell could be executed on the server. Some parts of the shell were unusable because some functions are disabled on shared hosting, but one function was not blocked. The attacker could access the server and execute commands with certain permissions.
- July 9, 2017 at 10:00 am (GMT 0): We detect the intrusion. They export all created / modified files. All the files are deleted.
- July 9, 2017 at 10:05 am (GMT 0): The server is passed in read only.
- July 9, 2017 at 10:06 am (GMT 0): We begin to analyze the recovered files to understand the attack and the damage.
- July 9, 2017 at 1:00 pm (GMT 0): We identify the scenario of the attack. A PHP function was not disabled. If you need to use a buffer so that all created directories go to the partition, add them to the environment's disable setting. You can create PHP protection.
- July 9, 2017 at 2:30 pm (GMT 0): We change all passwords for all hosted sites (FTP and SQL) and the server is set to read / write.
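The root cause in the timeline is a command-execution function missing from PHP's `disable_functions` list. The following added example (not code from Deep Hosting or the original article) audits a php.ini for that gap; the sample configurations are constructed, and `proc_open` is an arbitrary stand-in because the page does not say which function was left enabled.

```python
import re

# PHP built-ins that start an OS process; a web shell needs only one of them.
COMMAND_EXEC_FUNCTIONS = (
    "exec", "passthru", "shell_exec", "system",
    "proc_open", "popen", "pcntl_exec",
)

def parse_disable_functions(ini_text):
    """Return the set of names in the effective disable_functions directive.

    php.ini comments start with ';'. Assumption made here: if the directive
    appears more than once, the last occurrence is the one in effect.
    """
    disabled = set()
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments
        match = re.match(r"disable_functions\s*=\s*(.*)$", line)
        if match:
            value = match.group(1).strip().strip("\"'")
            # PHP function names are case-insensitive, so normalise them.
            disabled = {n.strip().lower() for n in value.split(",") if n.strip()}
    return disabled

def still_callable(ini_text):
    """List command-execution functions the configuration leaves enabled."""
    disabled = parse_disable_functions(ini_text)
    return [f for f in COMMAND_EXEC_FUNCTIONS if f not in disabled]

# Constructed sample configs (not Deep Hosting's real php.ini).
INCOMPLETE_INI = """\
; shared-hosting pool, constructed example
disable_functions = exec, passthru, shell_exec, system, popen, pcntl_exec
"""
HARDENED_INI = """\
disable_functions = "exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec"
"""

if __name__ == "__main__":
    for name, ini in (("incomplete", INCOMPLETE_INI), ("hardened", HARDENED_INI)):
        gaps = still_callable(ini)
        status = "OK" if not gaps else "still callable: " + ", ".join(gaps)
        print(f"{name}: {status}")
```

A blocklist like this fails open whenever one entry is forgotten, so on shared hosting it is best paired with per-tenant isolation rather than relied on alone.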
At least 91 dark web sites are affected
Dhostpwned shared a list of all the sites he tried to access from Deep Hosting's server. This list includes 91 websites. Most of these sites went down after the host reset the MySQL password.
This list includes a variety of dark web services, from drug sales to malware, hacked forums or stolen credit cards. 'I hacked them,' said Dhostpwned. 'In terms of security, their shared hosts are very bad.' 'I had a lot of files hosted on the site, all their SQL databases. There is a hired network killer who is hosted on it but I can't access it because it is hosted by a Virtual Private VPS server and they don't have a control panel to access VPS.'
Hackers accidentally knocked out the Dark Web market
Dhostpwned also tried to access other servers, including a server hosting MNG Market, which sells a lot of illegal products. The hacker uploaded a file to the server's public root directory to prove it. Only a few seconds after the file was uploaded, MNG Market went down; Dhostpwned admits to accidentally deleting the MBR on its hard drive.
Deep Hosting also hosts illegal trading services
According to Dhostpwned, MNG Market also uses a VPS to host its site, but unlike other sites, they forgot to change the default password for the VPS box.
This is not the first time a hosting provider for the dark web has been hacked. In February this year, members of the Anonymous hacker group stole and released data from Freedom Hosting II, a free hidden web hosting service. They said they hacked the service because they found that Freedom Hosting II knew its customers were hosting a child abuse forum but did not do anything. Freedom Hosting I was hacked for the same reason in 2011.
At this point, Dhostpwned still hasn't released any data from Deep Hosting or its customers, and he said he has no plans to do so.