Breach, Threat Management, Data Security

Report: Adversary hacks dark web hosting provider, accesses its customers’ data

At least 91 dark web sites suffered a breach after a malicious actor accessed their hosting provider's server and apparently managed to export files and possibly linked databases as well, BleepingComputer reported on Monday.

According to the report, on July 8, a hacker with the alias "Dhostpwned" registered a shared hosting account on the dark web hosting service Deep Hosting, before uploading a pair of shells onto the company's servers, one of which successfully granted the attacker limited rights to execute commands.

In a company wiki page quoted in the report, Deep Hosting said it detected the intrusion on July 9 and took steps to secure its clients. BleepingComputer also privately spoke with the Dhostpwned, who said "I've got the majority of files hosted from the site, all of their sql dbs." The hacker also admitted to accessing the server hosting the illegal marketplace M.N.G Market and then accidentally wiping its hard drive's master boot record, causing the site to go down. The hacker does not intend to dump any data gleaned from the breach, the report states.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.