On November 15th around 10-11 PM UTC the hosting server got hacked. As per my analysis it seems someone got access to the database and deleted all accounts. Noteworthy, also the account "root" has been deleted. To this day around 6500 Hidden Services were hosted on the server. There is no way to recover from this breach, all data is gone. I might re-enable the service once the vulnerability has been found, but right now I first need to find it.
The scripts are open source on github and anyone is welcome to take it as a base to build a new hosting service or help find the vulnerability.
If you are the hacker or have any helpful information about how this could have been done, please get in contact with me
Identified vulnerabilities so far:
- https://github.com/Bo0oM/PHP_imap_open_exploit - a php zero day exploit leaked just a day before the hack
This is just the landing page, you can navigate to the pages that interest you most by clicking on the entries in the navigation bar on the left.
If you like, what I built here, you can support me by donating via PayPal: email@example.com, Monero: 432Z3PTrRso52GHHpmPRpvLhecsnc7EFsVd2TzsCJaNmK4vivDxghRB5yVCj2nzCEGajeF3rBqJ43PcpxRnvZkMs49fufzD , Ethereum: 0xFbd055EEeA3b5a3459FeC6A8FAe631305b1079A0 , Dash: XuZGhWsmf61UXTwBB4QBKx7BhirPjiw7yX or Bitcoin: 1CHvjeMJum2Zfd3JEdb35RUEdz1jjQvdPT