Cyber Attack on the Dark Web Exposes Information

Media Division | July 24, 2017

When a web hosting service gets hacked, it is a major cyber attack, a data breach affecting many sites simultaneously. Add to that fact that this one happened to be a hosting service for sites that do not want to be seen or searched by the casual viewer, and you have a cyber event indeed.

This time it was a cyber attack on a dark web hosting service, and it was not the first time such has occurred.

The Dark Web

You can search for almost anything on the web and find hundreds of pages of related topics. Honestly, though, the searchable web is just the tip of the iceberg. Under the water lies both the “deep web” and the dark web.

Sometimes you hear that “90% of the internet is the dark web.” Well, that is not exactly true. If you add up all un-indexed internet sites you likely have more than 90% of the internet, but much of that is benign the deep web. Data from ancient sites (before indexing), websites that need not bother to be searched, or information that only pertains to a particular organization and thus is only direct-access could all be considered part of the deep web.

A small portion of that un-indexed data, however, is the dark web: the name for the part of the internet that wishes to be unseen. That unseen data is still accessible to their target audience. It might include illegal pornography, drug sales or hackers-for-hire. In fact, it often includes crime. Whatever it is, it is data the site creators do not wish to be seen or found by the general public.

Hacking the Dark Web

So if you can hire hackers on the dark web, why would anyone wish to hack the dark web? Three probabilities:

  • To make a statement. For example, Anonymous-affiliated hackers have hit the dark web before as a form of protest: targeting hosting services that were believed to be associated with pedophiles.
  • To steal data. Crime begets crime, right? Some hackers may target the dark web to steal data that could even already be stolen. As they say, there is no honor among thieves.
  • Unknown reasons. Often, one will not know why a hack occurred. If the hackers themselves do not make a formal announcement, the rest is speculation.

This Cyber Attack

This particular attack seems to have occurred on about July 8th and targeted Deep Hosting, a dark web hosting service. The attacker subscribed to the service and uploaded tools that allowed him to download other sites from the host. A total of 91 dark web portals were affected. The hacker, going by the name Dhostpwned, did not state a motive, outside of finding that “their shared hosting was appauling [sic] in terms of security.”

One of the hacked servers hosts the M.N.G. Market, a known marketplace for the sale of illegal products. Dhostpwned uploaded a text file to the server’s public root folder for anyone going there to see. It read, “gg -deephosting security is s _ _ _” (though we will let you fill in those blanks). Deep Hosting responded by resetting passwords for all of their servers, though Dhostpwned had already downloaded the leaked data.

The Dark Web and You

So what does the dark web have to do with you, if you conduct your business above the table? Well, activity on the dark web may provide insight into upcoming threats and attacks, such as when malware goes up for sale on a dark web site. That is why the best threat mitigation monitors dark corners of the web: to help predict and mitigate cyber attacks before they even happen.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.