Anonymous Just Took Down 1/5 Of Dark Web’s Child Pornography:

Anonymous Just Took Down 1/5 Of Dark Web’s Child Pornography:

The hacktivists breached Freedom Hosting II — the largest host of Dark Web sites accessible only through Tor — downloaded gigabytes of data, and took down and defaced some 10,613 .onion websites. This means that the hack took down nearly a fifth of the Dark Web for hosting child pornography.


The Dark Web is the encrypted network that exists between Tor servers and their clients aka cyber criminals, activists and many others who want encrypted communications. The Tor Network, the only network that protects the user’s identity and does not watch their Internet activities, helps Internet users retain their privacy online — especially when they are being watched by third parties.

Since most of the Dark Web is a haven for drug markets, pedophiles and sex traffickers who use Tor or set up anonymous .onion websites to hide their location and to ply their illegal trade, it becomes difficult for law enforcement to unmask the criminals seeking refuge in the shadows.

In their attempt to uncover the creators, possessors, and subscribers of child pornography, a group of anonymous hackers breached Freedom Hosting II — the largest host of Dark Web sites accessible only through Tor — downloaded gigabytes of data, and took down and defaced some 10,613 .onion websites.

The anonymous hacktivists claimed over 50% of the data stored on the Freedom Hosting II servers contained child pornography. International Business Times reported that the hackers stole 75 GB worth of files and 2.6 GB of databases, which they offered to return for 0.1 bitcoin, around $100.


According to Sarah Jamie Lewis, an independent anonymity & privacy researcher who spotted the mass hack as part of her regular scans of the Onion space (Dark Web sites running on the Tor network), Freedom Hosting II was hosting an estimated 15% to 20% of all websites on the Dark Web.

This means that the hack took down nearly a fifth of the Dark Web. Lewis told The Verge: “This is a major blow considering many were personal or political blogs and forums. In the short term, a lot of diversity has disappeared from the Dark Web.”

We were able to identify FHII-hosted sites through SSH fingerprints & Hostname hacking among others. Hosted sites now redirect to message.

Security researcher Chris Monteiro claimed the Freedom Hosting II hack may have disrupted a substantial number of botnets, which are increasingly used by cyber criminals to launch large-scale DDoS attacks.

Freedom Hosting II onion keys and an index of who they hosted wrapped it up in a 10 meg single torrent 

Monteiro also discovered the .onion websites were not only hosting botnets, but also fraud sites, sites peddling hacked data, weird fetish portals, and child abuse sites targeting both English and Russian speaking buyers. Websites defaced in the Freedom Hosting II hack include:

  1. Sites defaced in FH2 hack:
  2. ztvcyfnj6fvvuklj.onion
  3. gy34jeejrjpfsmhk.onion
  4. eon3o2n4tohozwsu.onion
  5. blogovhjgbfv2xwa.onion
  6. 7zj7zjbd7byyjcnr.onion
  7. w5h3zfwe6fese6vr.onion
  8. uzpnqrulcv63t7rt.onion
  9. 6wcszw2gansh6gaa.onion
  10. mubak2tbl45atna7.onion
  11. b47ly6wtdb2ubv46.onion
  12. n3c5n2h7454t5w5u.onion
  13. m6svkucc6bxxv2du.onion
  14. w2f3pnluqqbk2avf.onion
  15. q2muuyhexvsksylf.onion
  16. qyl4yfqfiatbfzxp.onion
  17. qtvidjcqjf4dqz5y.onion
  18. jqtb6tfxj72wl7dj.onion
  19. ns3kvwuqzobq2f3l.onion
  20. 4hojqdetomspo54r.onion
  21. arcmubavm7zzb6fg.onion
  22. 22vm7e2rbrc4mna6.onion
  23. tordirhwtq6p7qcq.onion
  24. ewaatttmeo66jxww.onion
  25. gvuxmya45aos3pvw.onion
  26. l4o6emnaxzamxiyh.onion
  27. pep2dvujfnegpwqd.onion
  28. lb62x7czr5sfs5ws.onion
  29. vftd64vntd3efqkv.onion
  30. evl7hlif7najivfn.onion
  31. hbjdfsrekk2mouxq.onion
  32. jv6ykkh7eryoewnr.onion
  33. 7tpbg2fjekm36q7e.onion
  34. beu2mvfh7z5kimnv.onion
  35. pfoxbbsmpjgzhg7h.onion
  36. mduioehe2q2cqwuo.onion
  37. poldoxhh7h6zxgld.onion
  38. w5vz5hbzf6bqbxsi.onion
  39. uksfvgmwpiww3n4s.onion
  40. hitmanvcwgzb3ni5.onion
  41. pxmephmhg33bazpk.onion
  42. fq7ushavwycmjcyr.onion
  43. 44ftofyc6mdatzcg.onion
  44. c7klzdxvxwfupfp4.onion
  45. ro6ktarrqps2hhgm.onion
  46. p6jnocpfhms22dbt.onion
  47. paqfs7ui73uctxjc.onion
  48. kvexpnd4yuejicjv.onion
  49. zpffh4wwhuu3ndxm.onion
  50. symkxjcukery5hsg.onion


In an interview with VICE, the hackers explained why and how they took down the Dark Web hosting provider:

“Initially we didn’t want to take down FHII. But then we found several large child pornography sites which were using more than Freedom Hosting II’s stated allowance. Usually, Freedom Hosting II has a quota of 256MB per site, but these illegal sites comprised of gigabytes of material. This suggests they paid for hosting and the admin knew of those sites. That’s when I decided to take it down instead.”


torIn 2011 also, as part of Operation Darknet, anonymous hacked and DDoSed the first Freedom Hosting for hosting child pornography websites. In 2013, when the first Freedom Hosting was hosting half of all Dark Web sites, the FBI used a misconfiguration in the Tor Browser setup to identify visitors to such websites, took down the service, and arrested its owner Eric Eoin Marques in Ireland. Charges laid against Marques were of facilitating the distribution of online child pornography.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s