Anonymous hacker causes dark web to shrink by as much as 85%

A hacker connected with Anonymous attacked Freedom Hosting II, causing thousands of dark web sites to go down

An attack by Anonymous, the shadowy hacker crew that seems to alternate between good guys and bad guys depending on the issue, help cut the dark web down by as much as 85 percent, according to a new report. 

Anonymous turned its sights on Freedom Hosting II, a hosting service for Tor-based sites, at the start of February. Freedom Hosting II (FHII) was the host to over 10,000 dark web sites, many of them hosting images of sexually abused children. It was named after another host, Freedom Hosting, that Anonymous took down in 2011. 

An Anonymous hacker went after the service after they discovered the provider knew what was going on and did nothing to stop it. The hacker who did it told Vice it was his first hack, and he didn't intend to take down the site—just look through it. When he found large amounts of child porn, he deduced the site knew what was going on and he decided to take down the hosts. 

The hacker said he had released a dump of system files, but not user data so as not to publicly distribute child pornography. But the hacker said he will provide a copy to a security researcher who will then hand it to law enforcement. 

A security group called OnionScan (named after the onion anonymous protocol used by the Tor browser and dark web, not the comedy website) said it has observed FHII hosting between 1,500 and 2,000 services, or 15-20 percent of the total number of active sites in its scanning lists. 

Dark web services shrinks to 4,400

However, since FHII went down, the number of dark web services has gone down significantly. All told, it puts the number of dark web services at around 4,400 services, compared to the 30,000 previously disclosed in April 2016 by threat intelligence firm Deep Light. 

Sarah Jamie Lewis, the main researcher behind the OnionScan report, wrote in a blog that she believes a ripple effect is at work. 

"We believe that the Freedom Hosting II takedown not only removed many thousands of active sites, but also may have affected other hosting providers who were hosting some infrastructure on top of Freedom Hosting II," she wrote. 

So, for now, chalk one up to Anonymous.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2017 IDG Communications, Inc.