It’s the largest free web hosting provider for dark web services. But remember back in 2018 when its 6,500 sites all went down after attackers accessed its database and deleted all its accounts?
It happened again – for the second time in 16 months. And this time, ZDNet reports, Daniel’s Host won’t be coming back online for several months: Almost 7,600 dark web portals have been taken offline following the hack, during which an attacker deleted the web hosting portal’s entire database. This happened earlier this month, on March 10, at around 03:30 am UTC, according to a message posted on DH’s now-defunct portal by Daniel Winzen, the German software developer behind the service.
Winzen said that an attacker accessed the DH backend and deleted all hosting-related databases. The attacker then deleted Winzen’s database account and created a new one to use for future operations. Winzen discovered the hack the next morning, at which time most of the data was already lost.
The service doesn’t keep backups by design.
In an email to ZDNet today, Winzen said he has yet to find out how the hacker breached the DH backend. However, since the dark web hosting service was more of a hobby, Winzen didn’t look too much into it. “I am currently very busy with my day-to-day life and other projects, I decided to not spend too much time investigating,” he told ZDNet…
Winzen said that users should consider the passwords for their DH accounts as “leaked” and change them if they used the same password for other accounts.
Winzen told ZDNet he still hopes to relaunch the service “at a later time” with “new features and improvements.”
“Not having to administrate the services all the time will hopefully give me more time for actual development.”