Freedom Hosting 2.0 Pwned Info & Database Leaked 02/05/17 Freedom Hosting 2.0 was hakced.
Earlier today a Reddit user running a dark web crawler reported that all websites hosted by Freedom Hosting II had been compromised and were now displaying the following message:
Hello Freedom Hosting II, you have been hacked
We are disappointed This is an excerpt from your front page We have a zero tolerance policy to child pornography. but what we found while searching through your server is more than 50% child porn
Moreover you host many scam sites, some of which are evidently run by yourself to cover hosting expenses.
All your files have been copied and your database has been dumped. (74GB of files and 2.3GB of database)
We are selling all data (excluding cp) for 0.1 BTC. Send 0.1 BTC to 14iCDyeCSp12AmhVfJGxtrzXDabFop4QtU and send your transaction id to fhosting@tt3j2x4k5ycaa5zt.onion or fhosting@danwin1210.me and Well get back to you with a full dump.
Up to January 31st you were hosting 10613 sites. Private keys are included in the dump. Show full list
We are Anonymous. We do not forgive. We do not forget. You should have expected us.
Verification
Privacy researcher Sarah Jamie Lewis used a customised onion scan tool in October last year and found that Freedom Hosting II represented 15-20% of active onion sites detected based on matching SSH fingerprints.
The hack appears to be genuine. Not only are the tested hosted sites compromised, the main customer portal is already compromised, as this too is displaying the same message. fhostingesps6bly.onion was one of the primary onion addresses of Freedom Hosting II, the un-hacked version can be seen via this archived capture.
Brand legacy and follow up
Freedom Hosting II is the brand successor to the original Freedom Hosting, formally run by Irishman Eoin Marques, similarly notorious for hosting child pornography and fraud sites.
The original Freedom Hosting was taken down by the FBI in conjunction with a JavaScript 0-day attack on its users back in 2013. It is reasonable to except that law enforcement will be highly interested in the hacked data as it must intersect with operations against the worst of the worst sites under active investigations. In many cases this will mean bringing investigations to a premature close with some suspects evading justice, but in other cases providing a wealth of data on serious criminal operations.
Archived link to the article from pirate.london: https://archive.fo/077M1 Pizzagate people on Voat are investigating this: voat.co/v/pizzagate/1617245