Hosting hacked: 6500 Tor Hidden Services Wiped Out

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 6 11:09 [raw]

Hosting hacked: 6500 Tor Hidden Services Wiped Out https://danwin1210.me/ On November 15th around 10:06 PM UTC the hosting server was logged in to via phpmyadmin and adminer with the correct hosting management password and deleted all accounts. Noteworthy, also the account "root" has been deleted, which was injected into the database at 10:53 PM UTC and deleted at 12:50 AM, shortly after remaining databases from the chat, link list and hit counter got deleted. Unfortunately it is not possible to find the root cause by log analysis as on 14th at 5:33 the database had already been accessed with this user and it is unknown for how long the hackers may have had access to the database due to rotating logs frequently. However the database password was last updated on October 20th, which indicates that the hack must have happened within the last month. To this day around 6500 Hidden Services were hosted on the server. There is no way to recover from this breach, all data is gone. The scripts are open source on github and anyone is welcome to take it as a base to build a new hosting service or help find the vulnerability. If you are the hacker or have any helpful information about how this could have been done, please get in contact with me Investigation is continuing. Not affected are the mail and XMPP service, as well as the static content and the short-link service, which were hosted on my Raspberry Pi 3. The chat is restored with a fresh installation and other services will be back up soon. I expect to get the hosting back up in December (NOT on December 1st). In the meantime, http://fhostingineiwjg6cppciac2bemu42nwsupvvisihnczinok362qfrqd.onion is a good alternative. To stay updated about the development, check here: https://github.com/DanWin/hosting

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 6 11:49 [raw]

Yikes! I had an email address there!

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 6 17:17 [raw]

danwin ... what a shitty hoster, dont even have backups > 6500 Tor Hidden Services Wiped Out no, actually just one, with a handful of onion domains

BM-2DAV89w336ovy6BUJnfVRD5B9qipFbRgmr
Dec 6 22:41 [raw]

I don't believe it ... the shit was hittin' the fan and he just found a quick way out

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 01:26 [raw]

I suspect he actually wasn't hacked. Maybe the hack story is a cover for something else.

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 01:32 [raw]

I was thinking the same thing. ALL of his data was lost, but not the email. How convenient.

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 01:39 [raw]

Please speculate and elaborate. This is worth extrapolating.

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 02:03 [raw]

> In the meantime, http://fhostingineiwjg6cppciac2bemu42nwsupvvisihnczinok362qfrqd.onion is a good alternative. cattle chute?

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 03:00 [raw]

I've always said Daniel was IMPRESSIVELY STUPID to do this orthonymously under his state identity. In doing so, he became the softest attack surface of the system, and as we know a system is only as strong as its weakest element. If indeed the damage was self-inflicted, as has been theorized by some, I wouldn't even hold it against Daniel. Maybe he wanted to finally remove the biggest vulnerability of the danwin system: Daniel Winzen. And since Silk Road has taught us that "business as usual under new management" doesn't really work against the current threats, the only honorable way forward was to hit the Reboot button. Not saying that this is what happened. Just saying that IF this was what happened, I wouldn't have a problem with it. Best of luck to Daniel in building a new reputation from scratch on top of a new, less vulnerable identity. PS: Watch out for cockmail hacks next.

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 7 23:17 [raw]

Meh. The whole shebang runs on a Raspberry Pi so maybe his SD card finally wore out.

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r
Dec 14 16:21 [raw]

> PS: Watch out for cockmail hacks next. Aaaaand.. yeah. Thought so. :-( https://status.cock.li/incident/2 You heard it here first, folks. Winter is coming.

[chan] general
BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r

Subject Last Count
Security Feb 21 21:38 5
kill Trump Feb 21 21:13 1
--- super fat mega leak bit torrent is live -- join in ! 773 million Feb 21 21:04 3
cool pyBM modification ! save BM as file natively, with proper KDE dialogue ! only 12 lines Feb 21 20:58 3
The Moon Landing Was Faked and Astronauts Are Lying Feb 21 19:34 2
The Moon and the Sun are the Same Size Feb 21 19:24 1
The Earth IS flat Feb 21 19:19 1
UK Column News - 22 February 2019 Feb 21 19:12 1
UK Column News - 25th February 2019 Feb 21 19:10 3
UK Column News - 22nd February 2019 Feb 21 19:05 5
This method launches multiple Tor instances Feb 21 14:44 2
HAPPY NEW YEAR! Feb 21 14:05 7
A girl gets a school spanking Feb 21 11:36 1
Call to murder Angela Merkel, Emmanuel Macron, Petro Poroshenko, Jens Stoltenberg etc. Feb 21 08:08 3
UK Column News - 20th February Feb 21 07:55 1
Sex! Feb 20 20:48 1
NSA Feb 20 14:43 3
A girl slippered at school for the first time Feb 19 08:30 1
UK Column News - 18th February Feb 18 19:16 1
None of this is connectd Feb 17 23:58 1
Unextreme and unrelated fish pie Feb 17 23:52 1
UK Column News - February 22 2019 Feb 17 17:29 1
UK Column News - 21st February 2019 Feb 17 17:22 1
UK Column News - February 21 2019 Feb 17 17:21 1
UK Column News - 20 February 2019 Feb 17 17:18 1
UK Column News - 20th February 2019 Feb 17 17:18 1
UK Column News - February 19th 2019 Feb 17 17:14 1
UK Column News - February 20 2019 Feb 17 17:13 1
UK Column News - 18 February 2019 Feb 17 17:13 1
UK Column News 19th - February 2019 Feb 17 17:09 1
UK Column News 19th February 2019 Feb 17 17:08 1
UK Column News - 18th February 2019 Feb 17 17:06 1
surveillance_not_ok Feb 17 16:28 1
The earth is flat. Feb 17 10:05 13
UKColumn News - 15th February 2019 Feb 16 17:09 1
2019 - the crash is coming Feb 16 11:37 13
KASPERSKY INTERNET SECURITY 2019 - 366 DAYS (WINDOWS, MAC, ANDROID) ACTIVATION CODES SCAM. Feb 15 22:26 3
UK Column News - 13th February 2019 Feb 13 20:35 1
Matthew 27:24-25 Feb 13 15:31 2
UK Column News 11th February 2019 Feb 12 08:36 1
meanwhile in russia #2 Feb 11 23:54 1
meanwhile in russia #1 Feb 11 23:38 1
http://dfilesus7ldn2ab6vitajolxrrf6ynx2fuskpx6bxamttpixvxzz7uqd.onion/uploads/tqMRZJXSOfE.jpg Feb 11 17:51 1
It’s time for Europe to think systemically of how they could counter Moscow Feb 11 16:31 2
Mateusz Piskorski, Russian agent of influence Feb 11 16:21 2
It’s an organized, coordinated Russian campaign Feb 11 16:20 2
Polish far-righ is known to be penetrated by Kremlin agents Feb 11 16:06 2
Poland’s loud but politically marginal extreme right is openly Russophile Feb 11 16:00 2
You won’t see much coverage of these weapons on Russian television Feb 11 16:00 2
Amazon CEO Jeff Bezos rocked American politics Feb 11 15:53 2
Mathias Rust Feb 10 19:31 6
TrueCrypt 6.0 and 7.1a Feb 10 17:11 3
New Win32 binary snapshot of pybitmessage available Feb 10 10:31 3
New Biometric ID Feb 10 07:04 2
test Feb 10 06:05 1
dammit ! dang nigger pranked Dr. David Duke Feb 10 00:59 5
UK Column News - February 12 2019 Feb 9 21:19 1
UK Column News - February 12th 2019 Feb 9 21:19 1
UK Column News - 12th February 2019 Feb 9 21:16 1
UK Column News - 11th February 2019 Feb 9 21:14 1
UK Column News - 9th February 2019 Feb 9 21:13 1
KASPERSKY INTERNET SECURITY 2019 - 366 DAYS (WINDOWS, MAC, ANDROID) ACTIVATION CODES SALE. Feb 9 10:26 2
UK Column News - 8th February 2019 Feb 9 07:26 1
happy new year test message Feb 8 18:31 1
0AA6C0B304A674D4D21EAD1279951858 Feb 8 11:40 1
Дмитрий Фёдорович Поляков Feb 7 18:16 1
This week, the disinformation world’s attention was focused on Venezuela Feb 7 18:09 2
UK Column News Feb 7 09:10 2
UK Column News - February 2019 7th Feb 7 07:45 2
UK Column News - 7 2019 February Feb 7 07:40 1
UK Column News - 2019 February 7th Feb 7 07:40 2
UK Column News - February 7th 2019 Feb 7 07:37 2
UK Column News - 2019 February 7 Feb 7 07:35 2
UK Column News - February 7 2019 Feb 7 07:29 1
UK Column News - 7th February 2019 Feb 7 07:25 3
UK Column News - 7 February 2019 Feb 7 07:25 1
Any-one in Rome?? Feb 6 22:42 3
UK Column News - 6 February 2019 Feb 6 18:42 1
Nothin' worth readin' 'ere Feb 6 07:19 6
UK Column News - 4 February 2019 Feb 5 10:06 1
collection #1 --- super fat mega leak bit torrent is live -- join in ! 773 million Feb 5 01:46 1
ready for it Feb 3 13:40 2
UK Column News - 6th February 2019 Feb 2 15:57 3
UK Column News - 4th February 2019 Feb 2 15:57 5
UK Column News - 5th February 2019 Feb 2 15:57 4
G0d @ _0rbit -- Doxxing-Adventskalender -- CDU SPD FDP LINKE -- Bundestag-Hackerangriff Feb 2 08:38 1
UK Column News - 1st February 2019 Feb 2 08:00 1
Ebook - History of Jihad From Muhammad to ISIS by Robert Spencer Feb 1 23:19 1
Comprehensive list of channels Jan 31 17:13 2
UK Column News - 30th January 2019 Jan 31 08:03 1
Currently, the World Order has fifty-three Earth built UFO Jan 30 08:21 2
Looking for indicators of whether or not you’ve been abducted Jan 30 08:05 2
KASPERSKY INTERNET SECURITY 2019 - 366 DAYS (WINDOWS, MAC, ANDROID) ACTIVATION CODES CRIME. Jan 29 08:47 1
FARM GIRLS NO PANTIES Jan 29 05:06 1
MY SUMMER BABE Jan 29 03:45 1
UK Column News - 28th January 2019 Jan 28 17:57 1
Jan 27 06:24 1
Drilling jumbo draft loading Jan 26 23:28 1
ion pump culvert conduit Jan 26 22:17 1
Tree iron with flat spiral Jan 26 21:25 1