I have some sad news. On March 10th at around 03:30 AM UTC all databases related to my hosting were deleted from the database server. There was a new database user with full permissions. But given that my hosting database is gone, I can't associate it with an account to look deeper into how it got full permissions. As of now, it is not clear how or when the hack happened. If you have an idea, feature requests for future versions or maybe a fix for the vulnerability, please consider contributing to my open source project at https://github.com/DanWin/hosting.
Although this so far looks like a database only hack, similar to the November 2018 hack, you should treat all data as leaked and change your passwords on other sites, should you be using the same one elsewhere as on any of the sites I hosted.
There are roughly 390 GB of user data from 7595 user accounts on the server. I will keep the server active until 25th March so that everyone has a chance to download their current files (without database) via FTP or SFTP.
Being a darknet hoster has taught me many things. However, this is a free time project I do next to my full time job and it's very time consuming to try and keep the server clean from illegal and scammy sites. I spend 10 times more time on deleting accounts than I can find time to continue development. At this time I do not plan on continuing the hosting project, but this doesn't have to be the end. There are other hosting providers like Freedom Hosting Reloaded, Ablative Hosting, OneHost, OnionLand Hosting, Vlad's Hosting or Carrot Hosting and my project is available for download, which should enable anyone willing to become the next darknet shared hosting provider to start where I left of.
Update March 11th 06:00 AM UTC: Private keys of hidden services are now copied and available in your /data/ directory. If you don't know your system account to connect via (S)FTP, it consists of the first 32 characters of your first onion address. If it was a v2 address, it's the full address (including .onion). Since yesterday I've got several messages asking me not to give up. The project in it's current state is a lot of work to maintain. I have many ideas on what to improve and which features to add. But after spending most of my time on answering mails or getting rid of just another 50+ scam sites every day, there is hardly any time for development. I may start another hosting project in the future, when I found time to improve the current platform. But it may take several months before I get there.
Update March 13th 08:40 AM UTC: A data.tar.gz and www.tar.gz archive is now available in everyones home directory to speed up downloading by only having to transfer a single compressed file rather than a whole directory.
Update March 15th 10:30 AM UTC: All hidden services are now shut down to enable users to re-use the same address on a new host.
Update May 30th 11:51 PM UTC: The hacker released a public database dump of the hosting service, including all private keys of hidden services. Do NOT re-use your address as anyone can now use your address for other purposes. Instead you should create a new address and redirect the old one to it.
If you would like to show your support, you can donate BTC via 17EH5c3zfzw8ictPxEujhuoULV4QZ4Stt7