alert Epik Had A Major Breach

Silentptnr

The views expressed on this page by users and staff are their own, not those of NamePros.
"His company Epik describes itself as “the Swiss bank of domains” and is one of the few US-based registrars with a history of refusing to respond to reports of illegal activity. According to a report by the pharmaceutical watchdog organization LegitScript, Epik has been told that some of the domains the company sponsors sell illegal drugs and inauthentic medications, yet the company has not acted." (WIRED, 2018)

The issue, at least for me, is NOT about what sites Epik was servicing, it is about their lack of security, their lack of concern for user privacy and data, their dishonesty and now their outrageous response, and lack thereof, to the hack of ALL their users' very personal data.

The more you focus on political and social and moral things the less you focus on the main problem, Rob Monster is incompetent and dishonest, best case scenario.
 
2
•••
A quick reminder that Rob Monster was not only denying that there was a breach, he was on Twitter posting links to websites created to defame the journalists who were reporting the story.
 
8
•••
This is more like Epik and Rob's 3rd or 4th chance. I exposed their fake VPN over 2 years ago and he reacted the exact same way - lie, attack, deflect and manipulate with hyper-spiritual gobbledygook. The fact is that they just don't care. You cannot make someone care. You might be able to force them to make some changes but the same behavior will be back in the future to hurt others again.

Thanks. I think I commented on this some years back. I have reason/sources to support you're right about most of this. I think we as a domainer forum should focus on E the registrar though.

Main takeaway, apparently E never audited their acquisitions in the right way, hence they acquired a registrar which wasn't very secure to begin with, which is an understatement.

What baffles me though is, they've been integrating a lot of stuff. At some point you'll be going through some of your registrar code to make that work... It's weird no one noticed. There were/are some talented people at E...
 
4
•••
Dear Paul,

This is a note written to your highest self.

First of all, I want to acknowledge that NamePros as a community is fundamentally a force for good where industry participants have an opportunity to learn from each other and overcome challenges as they arise. I am thankful that it exists.

My reason for acquiring DNF earlier this year was not because I want to be in the forum business. I don’t. Rather it was because of what I observed to be a systematic anti-Epik bias. This troubled me and the situation at NP did not improve.

As for the most recent hack incident, we are certainly learning from it. You likely heard that we secured significant investment funding. We have not announced the full extent of the hiring and acquisitions but suffice it to say, we have been upgrading.

Already before this investment, Epik was moving swiftly to bring new innovations to the industry. Although we are not without our blind spots or shortcomings, the progress of maturing as a company was well under way.

The hack incident is relatively understood. We know who did it, how they did it, and when they did it. We also have a pretty good idea of why they did it and for whose benefit.

As I review the latest NP thread, what I find most troubling is that you are actively participating in what looks to be a concerted effort to defame and undermine Epik. In all sincerity, and in the spirit of “love thy neighbor”, this is not a good look for you.

Your name is Paul — the namesake of the man who was once Saul of Tarsus. Whoever named you likely had some awareness of Paul. It is a Biblical name. As Bible characters go, Paul is a personal favorite as he embodies the optimistic view on man’s journey.

So, why am I telling you this? Because the choices you are making will have consequences.

Epik will not perish. Our compliance team is following best practices. Our insurance coverage is ample. Our team is solid. Our domains under management continues to grow. And lastly, and most importantly, because God is on the throne.

My encouragement to you is to view your current actions and choices through an eternal lens. If souls are eternal, as I am quite sure they are, then even a $1 million “Epik Fail” bounty would not be worth it if it factored materially in your eternal path.

Finally, as I believe there are many folks who are likely damning themselves with false testimony, I would encourage a time slot that allows forum thread commenters the opportunity to go back and redact any false testimony before it is memorialized for consequence.

Regards,
Rob

Edit:

My reply:
Have I made any incorrect statements of fact? If so, please enumerate them.

His response:
Paul,

This was not a legal letter. Perhaps you have decided to make it one but please know that the note I wrote was written to your eternal soul.

Regards,
Rob


The only rational explanation for radio silence from RM/E is that they are listening to lawyers. Likely to mitigate possible class action or criminal charges. Total speculation on my part, but it seems reasonable.

When you are dealing with thousands of customers using your network and services, security is a monumental task on par with the code powering your infrastructure.

These small scale responses are bizarre. It almost sounds like RM is fighting the urge to make public statements against legal advice.
 
7
•••
Thanks. I think I commented on this some years back. I have reason/sources to support you're right about most of this. I think we as a domainer forum should focus on E the registrar though.

Main takeaway, apparently E never audited their acquisitions in the right way, hence they acquired a registrar which wasn't very secure to begin with, which is an understatement.

What baffles me though is, they've been integrating a lot of stuff. At some point you'll be going through some of your registrar code to make that work... It's weird no one noticed. There were/are some talented people at E...

Rob Monster has owned Epik for like 10 years, enough time to check on the code and security. He doesn't care.
 
9
•••
The only rational explanation for radio silence from RM/E is that they are listening to lawyers. Likely to mitigate possible class action or criminal charges. Total speculation on my part, but it seems reasonable.

When you are dealing with thousands of customers using your network and services, security is a monumental task on par with the code powering your infrastructure.

These small scale responses are bizarre. It almost sounds like RM is fighting the urge to make public statements against legal advice.

I think we are all in unity on the truth, except for Monster. He is used to bullying employees and family or people he has control over. Must be frustrating to have to look at and deal with reality for a change.
 
1
•••
Rob Monster has owned Epik for like 10 years, enough time to check on the code and security. He doesn't care.

Maybe so, or he lacks the technical skills and knowledge which seems a plausible explanation. Either way, it's what resulted in the devastating hack we're experiencing.
 
Last edited:
1
•••
Maybe so, or he lacks the technical skills and knowledge which seems a plausible explanation. Either way, it's what resulted in the devastating hack we're experiencing.

Of course he doesn't have the tech skills to do it himself but he has millions of dollars, hire someone. It isn't hard. The simple reality is that he doesn't care.
 
2
•••
A quick reminder that Rob Monster was not only denying that there was a breach, he was on Twitter posting links to websites created to defame the journalists who were reporting the story.

Was it defamation or criticism?
 
0
•••
Was it defamation or criticism?

It was defamation. And doxxing.

Edit/Note: Although Monster promised in the Q&A that it would no longer provide services to this network of doxxing and defamation websites, Epik continues to manage their domains to this day.
 
Last edited:
5
•••
"His company Epik describes itself as “the Swiss bank of domains” and is one of the few US-based registrars with a history of refusing to respond to reports of illegal activity. According to a report by the pharmaceutical watchdog organization LegitScript, Epik has been told that some of the domains the company sponsors sell illegal drugs and inauthentic medications, yet the company has not acted." (WIRED, 2018)

Here is Epik's own 2017 statement on LegitScript: https://www.epik.com/blog/why-i-stood-up-to-legitscript.html

https://www.legitscript.com/blog/2017/03/us-registrar-epik-plays-dangerous-game/


And a later case: https://www.namepros.com/threads/legitscript-and-name-com-holding-domains-hostage.1141035/
 
4
•••
Another Epik breach
The hacking collective Anonymous has announced another data leak from the web hosting company Epik. Data includes full disk images of Epik's server infrastructure & exposes at least 59 API keys for Twitter, Coinbase, PayPal, & more
dailydot.com/debug/anonymous-new-epik-leak/
twitter.com/MikaelThalen/status/1443303462054236160
 
Last edited:
0
•••
Another Epik breach

Please be advised that this is not a new (3rd) data breach.

We've been discussing the second one (the second data leak, to be more precise) for a few days already in this thread.
 
Last edited:
5
•••
I’m not keen on all the finger pointing here. We were strongly discouraging it before Rob emailed me, and that policy hasn’t changed.

It’s not helping anyone to assign blame right now, and it’s a subjective matter anyway—we could argue for hundreds of pages about it, and it wouldn’t do anyone any good. It would not help any of the victims here.



Once again, we do not allow vague, personal accusations. Please do not make this thread political; those discussions are already taking place elsewhere, and it isn’t the purpose of this forum.

I think we are all in unity on the truth, except for Monster. He is used to bullying employees and family or people he has control over. Must be frustrating to have to look at and deal with reality for a change.

don't make it personal, the thread is supposed to be used for addressing the Epik hack (even tho quite a few ppl have gone off that purpose)
 
3
•••
On the response (or lack thereof) of Epik to the customers (most notably in this thread, which is actually the richest source of information):


Tout Va Tres Bien Madame La Marquise, an old French song. French-speaking members can enjoy it in its entirety. English translation embedded...
 
2
•••

Sounds great but unfortunately it's a new Twit account with no followers. The general ignorant public will prefer to be out for blood and brand every domainer as a nazi rather than to listen to real research. That Troy Hunt poll proved their ignorance. People these days don't even understand what they're really voting for, believing that their publicly available WHOIS data was meant to be private. Attacking just 1 registrar when they should be attacking the registrars that they are using. There's no hope unless a kind tech celebrity says the quoted statements, a being that can only exist in another dimension far far away..........
 
5
•••
2) They are anarchist, that is their motive.

3) They are criminals in the worst sense. You can argue E. Snowden or CPL. Manning acted on principle. They exposed wrong doing by our Gov.

Anonymous hurts people. Period. They helped no-one.
Do you know anything about anarchist philosophy? Do you even know what an anarchist is? Moreover, you're simply wrong. Recent hacks have revealed links between far-right organizations and the US government, which I would argue absolutely constitutes "wrong doing". I would also argue that they've "helped" at least some people, such as that real estate agency that doesn't want to have a holocaust denier working for them.

Edit by moderator: aggressive sentence removed.
 
Last edited by a moderator:
1
•••
There are some claims about domain names/websites changing IP addresses being made that don't seem quite right. Some of the sites have not changed IP address and had been previously pointing to Cloudflare IP addresses prior to the release of the first 180GB leak. Others are still pointing to Epik sales landers.

Regards...jmcc
 
2
•••
https://www.hackread.com/anonymous-leaks-more-epik-host-data/

Epik CEO’s Response
Soon after the breach was made public, in a four-hour-long Q&A session, Epik’s CEO Rob Monster tried to defend the company. However, his video conference was somewhat unusual as he uttered prayers to defeat demons and stated that the hard drives containing the hacked data were cursed.
 
4
•••
https://www.hackread.com/anonymous-leaks-more-epik-host-data/

Epik CEO’s Response
Soon after the breach was made public, in a four-hour-long Q&A session, Epik’s CEO Rob Monster tried to defend the company. However, his video conference was somewhat unusual as he uttered prayers to defeat demons and stated that the hard drives containing the hacked data were cursed.

I watched most of it and that is not all that made it unusual. Most importantly, it provided no real information or solutions. Prayers, curses, and what, a "love you" to a swastika guy. This is stranger than fiction.
 
7
•••
don't make it personal, the thread is supposed to be used for addressing the Epik hack (even tho quite a few ppl have gone off that purpose)

Yes, which would include Epik and the CEO and other folks who work for Epik. A big part of discussing the hack is commenting on how poor the security was/is at Epik and their response and their past track record. That all falls on one person Rob Monster. Rob Monster is a person, therefore responses are "personal". See how that works. This thread is about much more than a technical analysis of how some hackers were able to get onto a server. It is about people, mostly Rob Monster and the decisions he makes and his character and abilities.
 
1
•••
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?
 
1
•••
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?
The Texas GOP website was defaced before the data became public, and I have reason to believe that the hacker did that using information that was in the database. I'm not aware of any other cases but there have been a number of high-profile hacks in the last few weeks and I haven't been keeping up with all of them. If any Epik employees happen to be lurking here I would highly recommend resetting the passwords for all hosting accounts (and all accounts for anything, for that matter).
 
3
•••
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?

Haven't seen anything reported so far. I could think of a certain industry related forum that might be a target since it's hosted on E's infra.
 
2
•••