Epik Leak Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/epik-leak/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Thu, 21 Apr 2022 20:55:31 +0000 en-US hourly 1 https://wordpress.org/?v=90510 200474804 Epik hoster hack affected 15 million users, not just the company’s clients https://gridinsoft.com/blogs/epik-hoster-hack-affected-15-million-users/ https://gridinsoft.com/blogs/epik-hoster-hack-affected-15-million-users/#respond Mon, 20 Sep 2021 22:07:57 +0000 https://blog.gridinsoft.com/?p=5939 Last week, Anonymous hacktivists reported about hack of the database of the domain registrar and hoster Epik, which was previously often criticized for hosting “right-wing” sites including 8chan, Gab, Parler and The Donald. The stolen data (over 180 GB) was published in torrent format and, according to hackers, contains information for the last decade. Since… Continue reading Epik hoster hack affected 15 million users, not just the company’s clients

The post Epik hoster hack affected 15 million users, not just the company’s clients appeared first on Gridinsoft Blog.

]]>
Last week, Anonymous hacktivists reported about hack of the database of the domain registrar and hoster Epik, which was previously often criticized for hosting “right-wing” sites including 8chan, Gab, Parler and The Donald.

The stolen data (over 180 GB) was published in torrent format and, according to hackers, contains information for the last decade.

Since the company denied the fact of hacking, the hackers laughed at Epik and additionally hacked the hoster’s knowledge base, adding their own mocking edits to it.

In total, the dump published by the hackers contained 15,003,961 email addresses that belong to both Epik customers and people who had no business with the company, ArsTechnica now reports.

Reporters explain that Epik scraped the WHOIS records of domains, including those that were not owned by the company, and kept those records for themselves. As a result, the contact information of people who had never interacted directly with Epik were also kept by the company.

The data breach aggregator HaveIBeenPwned has already begun sending out warnings to millions of victims whose email addresses have been compromised. One of the victims was the founder of this service, Troy Hunt, although he never had anything to do with Epik.

In a Twitter poll, Hunt asked his followers if affected non-Epik customers would like to be notified of violations. The majority answered the question in the affirmative.

The leak revealed a huge amount of data not only about Epik customers, but also WHOIS records belonging to individuals and organizations that were not customers of the company. This data includes over 15 million unique email addresses (including anonymous ones to ensure domain privacy), names, phone numbers, physical addresses and passwords stored in a variety of formats.writes HaveIBeenPwned.

ArsTechnica reporters note that they saw part of the whois.sql file, which is approximately 16 GB in size. It is filled with email addresses, IP addresses, domains, physical addresses, and phone numbers of users. However, some WHOIS records are clearly out of date and contain incorrect information about domain owners (people no longer own these assets).

Hoster Epik hack

According to information security specialists Emily Gorchensky and Adam Sculthorpe, Epik representatives have finally admitted the fact of the hack and are now notifying their clients about “unauthorized intrusion” into their systems.

The company urges customers to remain vigilant and monitor any information they use while using the company’s services (including billing information, credit card numbers, names, usernames, email addresses and passwords).

Hoster Epik hack

Although the company does not yet know for sure whether customers’ bank card data has been compromised, users are advised to “contact the companies that issued the bank cards used for transactions with Epik and notify them of potential data compromise” as a precautionary measure.

The post Epik hoster hack affected 15 million users, not just the company’s clients appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/epik-hoster-hack-affected-15-million-users/feed/ 0 5939
Anonymous hacktivists attacked the Epik hoster with the right-wing radical sites https://gridinsoft.com/blogs/anonymous-hacktivists-attacked-the-epik-hoster/ https://gridinsoft.com/blogs/anonymous-hacktivists-attacked-the-epik-hoster/#respond Thu, 16 Sep 2021 23:01:19 +0000 https://blog.gridinsoft.com/?p=5929 Anonymous hacktivists attacked into the database of the domain registrar and hoster Epik, which was previously often criticized for hosting right-wing sites including 8chan, Gab, Parler and The Donald. The data stolen from the hoster (more than 180 GB) was published in torrent format and, according to hackers, it contains information from the last decade.… Continue reading Anonymous hacktivists attacked the Epik hoster with the right-wing radical sites

The post Anonymous hacktivists attacked the Epik hoster with the right-wing radical sites appeared first on Gridinsoft Blog.

]]>
Anonymous hacktivists attacked into the database of the domain registrar and hoster Epik, which was previously often criticized for hosting right-wing sites including 8chan, Gab, Parler and The Donald. The data stolen from the hoster (more than 180 GB) was published in torrent format and, according to hackers, it contains information from the last decade.

The hack, which, judging by the time marks, is dated February of this year, was announced by the hackers on a special website, as well as on 4chan.

This hack was carried out by the hacktivists as part of the #OperationJane campaign, which is directed against the recently passed Texas “heartbeat law“, which severely restricts women’s right to abortion. Earlier, as part of this operation, Anonymous defaced the website of the Texas Republican Party, which was involved in promoting the controversial law.

The Record reports that a person associated with Anonymous provided a full copy of the dump at the disposal of the editors, and the study of this database only confirms all the hackers’ claims. For example, a 32 GB torrent file hosted on the DDoSecrets portal includes several SQL database dumps, which contain gigabytes of confidential information, including information about domain owners and transactions, account data, and a large collection of various personal data.

Most of the archived data contained exactly what the hackers were talking about: SSH keys, source codes, mailbox contents, and many private keys that neither hackers nor journalists were able to associate with anything in particular.

Anonymous claims that the leak contains information on all domains that have ever been hosted or registered with Epik, but it simply cannot be verified. Instead, The Record reporters called three randomly selected Epik clients whose data was in the dump and verified that the leak contained their real names, email addresses and residential addresses.

At the same time, the hacktivists themselves propose to use the leak not only to denigrate Epik, which supports the radical right, but also urge reporters, activists and information security researchers to study the dump and search it for information about domains associated with government hackers, terrorists and Nazis.

It’s time to find out which family member was secretly running a fetish site with ivermectin horse porn, publishing of disinformation, or yet another hellhole [with ideas] of QAnon. Do you want to know when the government decided to offer hosting to a number of domestic terrorist groups without those pesky and obstructing reverse proxies mitigating DDoS attacks? Do you want to know the identity of the owner of a domain or set of domains used in another influence operation? Find out the IP addresses of Nazi sites for further investigation, elicitation and probing!hackers write.

Interestingly, Epik representatives deny the hack:

We are not aware of any leaks. We take the security of our customers’ data very seriously and are investigating these claims.the company said.

Anonymous representatives have already laughed at this statement of the company: in response, the hacktivists hacked into the Epik knowledge base and made their own edits to it.

Anonymous attacked Epik

On September 13, 2021, a group of kids calling themselves Anonymous, whom we had never heard of, said that they managed to get, well, all our data, and then they leaked it. They claim to have leaked all of our users’ data, truly everything. All usernames, passwords, emails, support requests have bypassed all of our anonymization mechanisms. Of course, this is not true. We are not fools to allow such a thing.the hackers wrote in the knowledge base.

The message ended with a sarcastic statement: “We wrote it all ourselves, and obviously it not a part of the hacked account.” Currently, Epik employees have already removed this page.

You might also be interested in the information that ProxyToken Vulnerability Allows Stealing Mail Through Microsoft Exchange.

The post Anonymous hacktivists attacked the Epik hoster with the right-wing radical sites appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/anonymous-hacktivists-attacked-the-epik-hoster/feed/ 0 5929