Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content.
Anonymous hacktivist collective claims has claimed to have hacked the controversial web hosting provided Epik and stolen its data, including information of the clients of the company, as part of an operation codenamed EPIKFAIL.
According to the hackers, stolen data includes:
- Domain purchases
- Domain transfers
- WHOIS history
- DNS changes
- Email forwards, catch-alls, etc.
- Payment history
- Account credentials
- Over 500,000 private keys
- An employee’s mailbox
- Git repositories
- /home/ and /root/ directories a core system
Anonymous group pointed out that the above data can allow tracing the “actual ownership and management of the fascist side of the internet.”
“180 gigabytes of user, registration, forwarding and other information behind the “privacy” web hosting and registrar service Epik, known for hosting fascist, white supremacist and other right-wing content as well as harassment and doxing websites” reads the announcement on DDoSecrets.
The leak site includes both torrent and Magnet links.
“Due to its size, it’s incompatible with most torrent clients and many users will have difficulty downloading the data. When we’re able, we’ll release a more accessible version of the data.” continues the announcement.
The list of clients of the hosting provider includes the conservative social media platform Parler, pro-Trump The Donald site, Gab, anti-abortion snitch website, the Texas GOP website, and BitChute video hosting service known for hosting accommodating far-right and conspiracy content.
The news of the data breach was first reported by the independent journalist Steven Monacelli.
An Epik sympathizer doxxed Monacelli after he reported the data breach:
Anonymous announced the hack with a message published on 4Chan, below is the image of the press release published by the HackRead website.
“On September 13, 2021, a group of kids calling themselves ‘Anonymous’, whom we’ve never heard of, said they manage[d] to get a hold of, well, honestly, all our data, and then released it,” reads the Anonymous’ message published on the Epik’s knowledge base. “They claim it included all the user data. All of it. All usernames, passwords, e-mails, support queries, breaching all anonymization service[s] we have. Of course it’s not true. We’re not so stupid we’d allow that to happen.”
[출처 : SecurityAffairs / 9.15.]