- Feb 4, 2016
- 2,520
...some quotes from the article:
EXCLUSIVE — Deep Hosting — a Dark Web hosting service — admitted yesterday to suffering a major security incident during which "some sites have been exported."
The hack took place on Saturday afternoon and was carried out by a hacker calling himself Dhostpwned, the name he used when he spoke with Bleeping Computer earlier today.
Hacker used PHP shell to take over hosting provider
According to a wiki page published by the Deep Hosting team, the hack took place after the hacker registered a shared hosting account on their service, and used it to upload two shells on their servers, one written in PHP and one in Perl.
A Deep Hosting investigation into the events that preceded the hack showed that the attacker was not able to execute the Perl shell, but the PHP version worked just fine.
At least 91 Dark Web portals affected
Dhostpwned shared with Bleeping Computer a list of all the sites he managed to reach from the Deep Hosting server he initially hacked. The list includes 91 websites and is embedded at the end of this article.
At the time of writing, Dhostpwned has not dumped any data from Deep Hosting or its clients. This might change in the future.