Most of the websites affected are now offline.
A hacker took over a dark web hosting provider by exploiting a “major security vulnerability” and thereby accessing a server.
On 8 July, an attacker calling themselves “Dhostpwned” set up a shared hosting account on the service offered by Deep Hosting. They used that account to upload two shells on their servers. One was written in PHP, whereas the other was written in Perl.
Deep Hosting outlines what happened next in a wiki page entitled “Major Security Vulnerability.”