A Deeper Look into the Freedom Hosting II Leaked Tor Sites
Freedom Hosting II was hacked some time earlier today with the Anonymous hackers asking for 0.1 BTC for the leaked files.
Since then they changed their minds and released the master database files for free. Sometime Saturday morning GMT they also released the system files as well as a statement about how the hack was done. Following message was left.
Thanks for your patience, you don’t have to buy data 😉 we made a torrent of the database dump download here
Here another torrernt with all system files (excluding user data) download
You may still donate BTC to 14iCDyeCSp12AmhVfJGxtrzXDabFop4QtU and support us.
Grab your own Copy of Databases and System Files
We have already discussed in our earlier article on how the hack was done. So, here we will look into the findings.
Findings so far
- Large child abuse related forums in English and Russian
- Fraud sites, some of which are clearnet facing, capturing public IP addresses
- Hacked account sites, but it’s always hard to tell if those are legit
- Weird fetish sites, which might not even be illegal
- At least some botnets
- Other usual weird Tor sites
- If you want to analyze the data you’ll going to have to install a MySQL compatible database and restore the big SQL file. This took me about 3 hours total FYI. You’ll probably want a graphical management tool, I’m using MySQL on Windows with a HeideSQL interface
- For people who just want to know which sites were affected, here is a 10 meg torrent dump of the Freedom Hosting II master index database which shows which domains were active and such. In relatively friendly .csv format.
- Since I’ve finally mounted all the databases, I’ve run a report arranging them by database size which should be of use for analysts. You can download this small CSV file here.