Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on February 5, 2017

Hackers have leaked the user database of a Tor web host popular with child pornographers


Hackers have leaked the user database of a Tor web host popular with child pornographers

Two days ago, a hacker group affiliated with Anonymous broke into the servers of Freedom Hosting II — a popular underground web host that, according to The Verge, contained one-fifth of the dark web — and shut it down.

Predictably, the hackers weren’t content with replacing 10,613 websites with a page that said “Hello, Freedom Hosting II, you have been hacked.” They also copied the hosting service’s database, which they have since released publicly.

According to Troy Hunt, who runs the popular service Have I Been Pwned?, the data dump includes the email details of nearly 381,000 users. Given that Freedom Hosting II was popular with those involved in the creation and distribution of child pornography, many of those emails are likely ‘burner’ addresses.

But almost 21 percent of them were in previous breaches registered in Have I Been Pwned?, suggesting that many of them were people’s actual, day-to-day email address. In a tweet, Troy Hunt said that there were ‘thousands’ of .gov email addresses, although he added “how many are real and what purposes they were being used for is another issue.”

In addition to user details, the dump also contains website database backups, many of these based on popular, free systems like WordPress and PHPBB. According to Hunt, much of the data is ‘highly explicit’. Almost half of the sites caught up in the dump reportedly contain illicit sexual content involving children.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

The rest, according to a 2006 report from OnionScan, was a diverse collection of ponzi schemes, carding and counterfeiting sites, hacking forums, personal blogs, and Bitcoin escrow services.

According to Hunt, the Freedom Hosting II dump is almost certainly in the hands of law enforcement by now, adding that it is “very public” and contained “many real email addresses”. It seems inevitable that in the coming weeks, some of its users will find themselves with a knock on the door.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Published
Back to top