Freedom Hosting II Hack: 381K Emails, Child Porn Users Texts Leak: $25K For Baby

Freedom Hosting II Hack — 381K Emails, Child Porn Messages Leaked: $25K For Baby

There has been a big hacking of the so-called “Dark Web,” when an Anonymous hacker hacked into the web hosting firm named Freedom Hosting II, a “no questions asked” type of hosting company on the part of the Internet that is harder for non-technical folks to access. Although Freedom Hosting II reportedly claimed to have a zero tolerance policy for child pornography, the Anonymous member who hacked the dark web claimed to have taken more than 10,000 websites down — with claims that a large portion of them contained child pornography.

As reported by the Mirror, the Anonymous hacker did not initially intend to take down Freedom Hosting II. However, after noticing what the hacker called were plenty of scam sites hosted by Freedom Hosting II and plenty of child pornography websites, the plan to take down thousands of websites was enacted. And the hacker didn’t stop there — but reportedly leaked email addresses, passwords, and usernames onto the dark web and beyond from the child porn sites, exposing some of the users of those sites.

According to “Have I Been Pwned?,” the Freedom Hosting II hacking occurred in January 2017. Folks can use the “Have I Been Pwned?” website to enter their email addresses to see if they have been a member of any data breaches, although it’s unclear how much they’ve updated their database with the leaked compromised data from Freedom Hosting II as of this writing. The below tweet shows 21 percent of the leaked email addresses were already compromised, so the Freedom Hosting II leaked emails are likely in the “Have I Been Pwned?” database for searching.

As reported by The Verge, Freedom Hosting II had their data leaked in the breach that took down approximately 20 percent of the dark web’s websites using Tor hidden services. With more than 10,000 sites being taken down and claims that greater than 50 percent of those sites contained child pornography, that means that more than 5,000 websites potentially held child porn.

According to the above tweet, 381,000 email addresses were exposed in the Freedom Hosting II hack. The exposed information was handed over to law enforcement. According to security expert , who is Microsoft’s Regional Director and MVP for Developer Security — as well as the creator of “?” — the hacking is a serious one.

“This is a pretty serious incident so let me outline what I know and what’s in . Freedom Hosting II (dark web host) sites impacted, reportedly 20% of all hidden services. >50% were allegedly contained child porn. The data has been dumped publicly and is easily found and extensively torrented. It contains a 2.2GB MySQL file with 920k rows. The MySQL file contains DB backups of customers. There’s a very broad range of data from different systems (PHPBB, WordPress, etc). As you can imagine, a lot of the data is very explicit. Not all will be illegal content, but a significant amount is. I’ve flagged the breach as ‘sensitive’ in . There were 429 notification subscribers and 334 domain subscribers emailed. I’ve only listed minimal data classes. There are so many different sites it would be hard to list them accurately and comprehensively. Finally, law enforcement will absolutely have this data, it’s *very* public. It also obviously has many real email addresses in it…”

According to the article titled “HUGE pedo forum dump! Freedom Host 2 (biggest.onion host) has been hacked, full dump available (pizzagate)” on Voat, there were plenty of pedophile forums and websites hosted on Freedom Host II, with “plaintext messages between pedos” leaked in the breach. Human trafficking information was found, with pleas from the person to “at least catch this one pedo using Western Union info.”

That message went on to detail someone writing about having “young girls, if you want a girl of 1 year old we sell her.” The responding person went on to say “that’s sounds great I’d love to have a girl of 1 to 2 years old as my adopted daughter and be a part of my family.” Attempts to verify that the transaction was real ensued, before the person committed to the purchase of the baby girl from or in Canada. Photos were also requested as verification. The buyer was prepared to pay $300 to “meet and be with her” for one hour. After that meeting, the person was willing to pay $25,000 for the little girl. The reply received was that while the buyer “can ask for sexual service of 1 hour with a minor without problems…this minor would not be in sale.” The reply went on to state that they offer sexual services, not human trafficking, and that the buyer may “receive a different minor any time you ask [for a] sexual service.”

The buyer went on to ask for “‘proof of product’ that you will have a little girl like this for me, before committing myself to a huge $25,000 purchase.” An email address and Western Union information was given by the buyer, who said they could not leave the Vancouver area — and once again begged for a girl he could purchase or “adopt” for $25,000 — since he wrote that his dream was to become a dad.

The so-called “full pastes from the Freedom Host II file dump (pizzagate)” and updates about the Freedom Hosting II data leak were accompanied by advice not to follow any URLs or websites discovered within the raw data, to avoid child porn websites from the hack.

[Featured Image by Raphael Satter/AP Images]

Comments