alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Derek Peterson]

The screenshotted text in my tweet is from the transcript of Rob's Q&A session. The transcript is timestamped if you want to hear it from the horse's mouth. He came back to the topic a few times throughout the Q&A so i'll try to summarize: when Epik acquired the Colorado Springs-based IntrustDomains in 2011, "it came with a Russian development team". "At the time they were based in the Ukraine, or in the Crimea region. Then there were wars and then they moved to Krasnodar, and they’re based there." "The code base that the Russians were totally safeguarding, they wouldn’t give our new engineers access to the git, now we know why: the code sucked."

Epik engineers outside of that group only gained access to this 10-year-old git repository following the hack: "our top engineers mostly hadn’t seen that code because it was kind of blackboxed, behind a firewall, separate git repository, and not part of the Epik git. And that might sound surprising… considering that we’re like a registrar, but that’s basically because of the history of how that company became part of Epik. It was an acquisition, it is a captive dev team, and I’ve operated with that group to a large extent on the basis of trust. They’re good people, they’re honorable people, ethical, responsible people, but their coding methods and frameworks are not up to standard, and they’ve pretty much handed over all the keys to two top guys, Justin Tabb, David Roman."

Thank you very much for that and WOW but not surprising. Most of his products were (haven't looked for over a year) white labels which he claimed to have built and have 100% control of.

 

[Jona4s]

Is there a way to create a list of all the websites

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

 

[Derek Peterson]

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

Sweet. Thanks!

 

[branding]

Sweet. Thanks!

Keep in mind there are people reselling service from within their infra. There are legit hosts/websites amongst them.

 

[bmugford]

Hackers expose Texas GOP's 'sensitive documents' and 'dark memes' in wake of abortion law: report

https://www.rawstory.com/texas-gop-epik-hack/

https://www.dailydot.com/debug/anonymous-texas-gop-epik/

https://twitter.com/x/status/1445102210354982915

I wonder what else was breached. I still have questions about ID documents which have not been addressed by Epik. I also have questions about potential integrated accounts like Sedo, Afternic, Escrow.com, etc.

Also what about hosted data and login/passwords, among other things.

The exact depth of this hack is still unknown. Epik is providing no clarity.

Brad

 

[bmugford]

I wonder how many phases there are going to be?

https://twitter.com/x/status/1445042503053463556

 

[Derek Peterson]

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

About all porn, loli and human trafficking. Very Christian.

 

[DN Playbook]

Epik engineers outside of that group only gained access to this 10-year-old git repository following the hack: "our top engineers mostly hadn’t seen that code because it was kind of blackboxed, behind a firewall, separate git repository, and not part of the Epik git. And that might sound surprising… considering that we’re like a registrar, but that’s basically because of the history of how that company became part of Epik. It was an acquisition, it is a captive dev team, and I’ve operated with that group to a large extent on the basis of trust. They’re good people, they’re honorable people, ethical, responsible people, but their coding methods and frameworks are not up to standard, and they’ve pretty much handed over all the keys to two top guys, Justin Tabb, David Roman."

It didn't sound to me like white labeling—Rob said they acquired the registrar code and engineering team from Intrust. But for some reason, it seems they allowed the engineering team to retain total ownership of the code, totally siloed from the rest of Epik's team.

All of this is just so convoluted, it boggles the mind. They are "good people", "honorable", "ethical", "responsible". But their code sucked and they wouldn't give access. But we still used it to make money for as long as we could. What?! Who runs a company this way?

 

[mr-x]

Hate speech is not free speech. More importantly, [CITATION NEEDED], because I'm positive that exactly zero people in Canada have been arrested for saying that, despite the fact that it is a vile and reprehensible statement that has no place in polite society.

Hate speech is free speech. Speech you or the majority doesn't agree with is why free speech is important and the #1A of the USA Constitution.

 

[tonyk2000]

Investigative journalists from twitter are once again trying to connect the dots (Epik and the datacenter):

Fascinating. Yeah, it may not be easy for the journalists to understand how internet works in aspects of datacenters, RIRs (regional Internet registries), and IP addresses distribution. So - as easy and simplified as possible: Does Rob Monster have all servers in his basement or bedroom? Probably, no. Epik, Godaddy, Network Solutions, etc. - they all need to use datacenters (colocation providers). This is because they need internet connectivity, ventilated racks and the like.

Epik is using Natcoweb for this purpose. End of story.

It takes ~5 minutes to find out that Natcoweb existed long before Rob/Epik acquired Intrust Domains (and started to operate in all aspects relevant to current discussion), and even before Rob joined Epik.

In particular:

Webhosting talk forum shows that the member Natcoweb joined in Apr 2009.

Webarchive shows the earliest version of hqhost website (which appears to be one of natco retail arms) dated back to ~2003.

Epik has acquired IntrustDomains in 2011.

What else? The CEO has a name of Russian origin? Sergey Brin is also Russian name, but this guy is one of Google founders.

Earlier, investigative journalists found that Epik is sitting on billions of $$$ in 4-symbol domain assets. Now, they are mixing Epik and its clients with the datacenter and their clients. What would be the next sensation? ;-()

 

[Mr. Glomar]

It would be helpful if someone with knowledge of this kind of class actions regarding data breaches could participate in this discussion.

Something like this, basically.

How Many People Do You Need for a Class Action Lawsuit? | Class Action Lawsuits | Ben Crump

Lawyers get richer, affected parties usually get a bag of peanuts and that's that.

 

[mr-x]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

 

[.X.]

I wonder how

I'm sure you know more about scripture than most but in the Bible, didn't God exterminate a bunch of people he didn't particularly like and wanted to start over with Noah and a boat? I don't think he killed them because he loved them.
And then there's the story of 'Sodom' and Gomorrah. Which entirely refutes what you said...

Not that I care. It's just some food for thought

I would explain why in detail .. but this thread isn’t the place…

it appears the hacking continues .. i think .. sure there are some who don’t want to be exposed .. but as a majority .. I wouldn’t think the people who are in the affiliations being exposed have any shame in being in their affiliation and cause … no more than I would think any Far Left people have any shame in their affiliation or exposure for participating in the affiliation activities or causes.

 

[bmugford]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

Yeah, well it is what it is. Rob and Epik are basically saying nothing on the subject.

Good or bad there are a lot of people analyzing the data from amateurs to top tier security experts, and everything in between.

Brad

 

[.X.]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

it’s the going thing today .. claim “Independent ” and you can be a Independent Investigator .. Independent?? Name your title .. we already know “Media” Research .. Journalist .. video producer are all approved with certain law enforcement officials of certain states .. as we have seen

 

[bmugford]

I would explain why in detail .. but this thread isn’t the place…

it appears the hacking continues .. i think .. sure there are some who don’t want to be exposed .. but as a majority .. I wouldn’t think the people who are in the affiliations being exposed have any shame in being in their affiliation and cause … no more than I would think any Far Right people have any shame in their affiliation or exposure for participating in the affiliation activities or causes.

Well, it sure looks like from analysis of the data breach that a lot of people have been trying to hide their connections to groups, organizations, websites, etc. Only they can answer why that is if they are so proud of these connections.

Brad

 

[DN Playbook]

Investigative journalists from twitter are once again trying to connect the dots (Epik and the datacenter):

This is because they need internet connectivity, ventilated racks and the like.

Now, they are mixing Epik and its clients with the datacenter and their clients. What would be the next sensation? ;-()

Not sure exactly what your point is, but data services providers will not be responsible for activities on their networks that violate their terms. Also the developers of the code are not in the jurisdiction of US laws. Hence the buck will land in RM/E's court in all likelihood. Time will tell.

Something like this, basically.

How Many People Do You Need for a Class Action Lawsuit? | Class Action Lawsuits | Ben Crump

Lawyers get richer, affected parties usually get a bag of peanuts and that's that.

This is why there is an investigation first, to see if there are sufficient plaintiffs to make a class action lawsuit likely lead to a settlement.

And BTW, western economies thrive on the legal system.

 

[mr-x]

At this point, it's not a wise thing to encourage someone to download the data, especially not @Paul.

Honest question, why?

 

[mr-x]

Well, it sure looks like from analysis of the data breach that a lot of people have been trying to hide their connections to groups, organizations, websites, etc. Only they can answer why that is if they are so proud of these connections.

Brad

Are you kidding? Gina Carano was fired for posting Beep / Bop / Boop as her pronouns after weeks of harassment by left wing lunitics. People have been fired from their jobs for tweets made as teenagers.

If you're a conservative or Christian, your going to be harassed. Also, people have all kinds of reasons for not wanting others to know what they are doing.

 

[bmugford]

Are you kidding? Gina Carano was fired for posting Beep / Bop / Boop as her pronouns after weeks of harassment by left wing lunitics. People have been fired from their jobs for tweets made as teenagers.

Well, private companies can employ who they want. If you don't like their decisions then don't buy their products or services.

Either way, the point being that a lot of people were/are hiding their connections for whatever reasons. It might be that, it might be shame, it might be legal issues, or any number of other reasons.

Brad

 

[mr-x]

Yeah, well it is what it is. Rob and Epik are basically saying nothing on the subject.

Good or bad there are a lot of people analyzing the data from amateurs to top tier security experts, and everything in between.

Brad

Thanks but I wasn't talking about people actually investigating.

 

[Derek Peterson]

It didn't sound to me like white labeling—Rob said they acquired the registrar code and engineering team from Intrust. But for some reason, it seems they allowed the engineering team to retain total ownership of the code, totally siloed from the rest of Epik's team.

Yeah, proprietary code. He doesn't like to build or manage things. Not exactly a white label but same general idea as far as not having to build or manage.

 

[mr-x]

Yeah, proprietary code. He doesn't like to build or manage things. Not exactly a white label but same general idea as far as not having to build or manage.

Technically he owned the code and the engineers worked for him, so not a white label. Must have been some conversation when they refused to give access. Job security.

 

[bmugford]

Technically he owned the code and the engineers worked for him, so not a white label. Must have been some conversation when they refused to give access. Job security.

Not sure how you can refuse to give the code to a product you own. That should have been the first warning sign, in fact that should have been part of due diligence before they even bought them.

Brad

 

[FiniteCrystal]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

Probably because they don't want to be targeted by Joey Camp or one of the countless other fascist assholes who have a vested interest in keeping that information from getting out. Journalists have been getting doxxed non-stop since the first dump, people have very reasonable justifications to not want their name associated with their research in this case.