Anonymous leaks gigabytes of data from alt-right web host Epik

by | Sep 17, 2021 | News

 

Reading Time: 1 Minute

 

Hacktivist collective Anonymous claims to have obtained gigabytes of data from Epik, which provides domain name, hosting, and DNS services for a variety of clients.

 

 

These include the Texas GOP, Gab, Parler, and 8chan, among other right-wing sites. The stolen data has been released as a torrent. The hacktivist collective says that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.”

Anonymous says the data set is “all that’s needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody.” If this information is correct, Epik’s customers’ data and identities could now fall into the hands of activists, researchers, and just about anyone curious enough to take a peek.

 

Decades of Epik stuff, now in a torrent near you

Epik is a domain registrar and web services provider known to serve right-wing clients, some of which have been turned down by more mainstream IT providers due to the objectionable and sometimes illicit content hosted by the clients.

Anonymous’ activities began with what the group calls “Operation Jane” after the Texas Heartbeat Act was signed into law this month. The restrictive abortion law allows private individuals, not necessarily government bodies or the police, to enforce the six-week abortion ban. According to the act, any Texas resident can bring a civil lawsuit against any person who performs or helps to facilitate an illegal abortion—and claim at least $10,000 in damages.

See Also: Complete Offensive Security and Ethical Hacking Course

 

 

 

The note, shown below, was spotted by journalist Steven Monacelli, who has since been doxxed by an Epik supporter.

 

A "press release" posted by Anonymous.
Enlarge / A “press release” posted by Anonymous.

 

Among the data set are various SQL databases containing what appear to be customer records associated with every domain name hosted by Epik. Ars analyzed a small subset of the leaked data set, including what a source calls an Epik employee’s mailbox, which contains correspondence from Epik CEO Rob Monster.

Members of the whistleblower site, Distributed Denial of Secrets (DDoSecrets), have also made the data set available via alternate means for those unable to use torrents.

“We are not aware of any breach. We take the security of our clients’ data extremely seriously, and we are investigating the allegation,” an Epik representative told Ars.

 

 

See Also: Windows MSHTML zero-day defenses bypassed as new info emerges

 

 
 
 
 
 

Hackers alter Epik’s knowledge base to mock company’s response

 

Anonymous also tampered with Epik’s knowledge base to mock the company’s denial of the breach.

“On September 13, 2021, a group of kids calling themselves ‘Anonymous’, whom we’ve never heard of, said they manage[d] to get a hold of, well, honestly, all our data, and then released it,” said the altered knowledge base, as seen in an archived copy. “They claim it included all the user data. All of it. All usernames, passwords, e-mails, support queries, breaching all anonymization service[s] we have. Of course it’s not true. We’re not so stupid we’d allow that to happen.”

 

Anonymous mocks Epik's response by modifying the company's official knowledge base.
Enlarge / Anonymous mocks Epik’s response by modifying the company’s official knowledge base.

 

The knowledge-base page ends by sarcastically saying, “We did write this ourselves, this is obviously not part of the hacked account.” Epik has since removed the page.

 
 

See Also: Offensive Security Tool: Jenkins Attack Framework

 

 

 

Prior to this incident, Anonymous defaced the Texas GOP website by replacing references to “Help Texas Stay Red” with “Texas: Taking Voices from Women to promote theocratic erosion of church/state barriers.” The group also added “donate” links to reproductive health care nonprofit Planned Parenthood.

 

Texas Republican Party's website defaced by Anonymous this month.
Enlarge / Texas Republican Party’s website defaced by Anonymous this month.

 

 

Source: arstechnica.com

(Click Link)

Share This