A huge cyber attack on a company that allegedly provided hosting services for a large number of child pornography forums on the dark web may have been responsible for a massive drop in hidden sites available on the Tor network, according to new analysis from OnionScan.
Back at the beginning of February, it was reported that hackers from Anonymous had knocked out the servers of Freedom Hosting II, taking down an estimated 10,000 sites on the dark web in the process.
After the attack, visitors to websites hosted by Freedom Hosting II were met with the following message: “Hello Freedom Hosting II, you have been hacked.
“We are disappointed… This is an excerpt from your front page: ‘We have a zero tolerance policy to child pornography.’ [W]hat we found while searching through your server is more than 50% child porn…
“Moreover you host many scam sites, some of which are evidently run by yourself to cover hosting expenses.”
The Anonymous attacker told Motherboard it was their first ever hack, claiming to have stolen and dumped 74GB of files and a 2.3GB database.
This week, the OnionScan revealed that of the 30,000-plus Tor-based hidden services that were available on the dark web in April last year, only 4,400 are currently active.
“These 4,400 hidden services are far fewer than previous scans,” OnionScan’s Sarah Jamie Lewis writes.
“We believe that the Freedom Hosting II takedown not only removed many thousands of active sites but also may have affected other hosting providers who were hosting some infrastructure on top of Freedom Hosting II.
“The sudden disappearance of Sigaint, an encrypted email provider, may also be associated with the decline of some hidden services.”
According to Lewis, the dark web has been reduced to 4,000 HTTP websites, 250 TLS (HTTPS) endpoints, 100 SMTP services and just 10 FTP nodes.
In a study published at the end of 2014, University of Portsmouth computer science researcher Gareth Owen suggested that more than 80% of the dark web is made up of child pornography sites and forums for paedophiles.
It is thought that tens of thousands of paedophiles use hidden websites to communicate with one another, share resources and knowledge, access a wider range of children and swap indecent images and videos of minors.
Last week, Europol launched a new campaign in association with a number of member state law enforcement agencies that will see police officers take to file sharing sites to warn online paedophiles about the potential consequences of their actions and encourage them to get help.
Commenting on the new programme of action, Bjørn-Erik Ludvigsen, of Norway’s National Criminal Investigation Service, said: “Law enforcement will no longer accept children being repeatedly re-victimised through their abuse being shared to and from users on peer-to-peer networks.”
