Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Many Darknet Sites Defaced in “Freedom Hosting II” Hack

Thousands of Tor-based websites became inaccessible last week after hackers breached the systems of Freedom Hosting II, a service provider that is believed to host roughly 20 percent of the sites on the dark web.

Thousands of Tor-based websites became inaccessible last week after hackers breached the systems of Freedom Hosting II, a service provider that is believed to host roughly 20 percent of the sites on the dark web.

While Freedom Hosting II has hosted nearly 11,000 websites, an analysis conducted by privacy and anonymity researcher Sarah Jamie Lewis has shown that only 1,500 – 2,500 of them had any content.

Hackers affiliated with the Anonymous hacktivist movement said more than half of the websites hosted by Freedom Hosting II contained child pornography, despite the provider’s claims that it does not tolerate this type of content.

As a result, the hackers defaced all the sites hosted by Freedom Hosting and leaked data taken from its systems. The hackers also provided information on how they managed to breach the organization’s systems.

Users who attempted to access the websites were shown a message that started with, “Hello Freedom Hosting II, you have been hacked.” The Verge reported that the hackers initially offered to sell the stolen data for 0.1 bitcoin (roughly $100), but later apparently decided to make it available for free. The address provided by the attackers has received a total of 0.12 bitcoins.

Australian security expert Troy Hunt, the owner of the Have I Been Pwned breach notification service, analyzed the leaked data and discovered a 2.2 Gb database containing more than 380,000 user records, including email addresses, usernames and passwords.

Hunt believes law enforcement agencies will find the leaked data very useful, especially since it includes real email addresses. He also pointed out that many of the addresses are on .gov domains, but it’s unclear how many of them are real and what they have been used for.

The leaked data was also analyzed by Chris Monteiro, who confirmed that Freedom Hosting II hosted some large English and Russian-language forums related to child abuse. The researcher also identified fraud, account hacking, fetish and botnet websites.

The original Freedom Hosting was taken down by the FBI back in 2013. Before shutting it down, the agency exploited a vulnerability to identify darknet users.

Related Reading: Darknet Marketplace Hansa Launches Bug Bounty Program

Related Reading: Behind the Buzz – What Intel Can You Gather from Dark Web Markets?

Related Reading: Top Reasons to Pay Attention to the Dark Web

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.