alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[DN Playbook]

I could unpack all of your lies but will just deal with this one. I was at church on Sunday with our family.

https://www.116church.org/

Seriously, I would move on from the self-deception and false testimony.

More hugs.

@Rob Monster, do we have to start reporting your posts as off-topic? Why are you being so cagey, why are you prevaricating? What scares you about the questions raised in this thread? They are not going away.

 

[MasterOfMyDomains]

I’ll call rob right now, save you asking what my relationship with mr monster and when did i speak with him.
What i would say to him. Answer Mugfords questions and tell us the truth.
i wouldnt mention that was classic ass kissing when he was interviewed by Steve.

Edited by moderator: removed name calling and personal attacks

 

[Derek Peterson]

I could unpack all of your lies but will just deal with this one. I was at church on Sunday with our family.

https://www.116church.org/

Seriously, I would move on from the self-deception and false testimony.

More hugs.

The internet is not Church.

Then go ahead and unpack that list and any other questions people have about the epic hack and your statements thus far. If you were a man of character, which I already knew you weren't, you would have come here and done just that but instead you did some weird marketing thing and then started with false personal attacks. You are just a dishonest and malicious person at your core. You go back and forth between personal attacks, threats and then trying to act spiritual. It is very weird and cult like manipulation tactic that will not work on someone like me. I believe nothing you say about anything, especially anything related to Christianity so shut up and answers the questions about Epik hack and your false claims that brought us here.


1) White label VPN claimed it was his own.
2) Stole marketing materials for DDoS and claimed it was his own.
3) Claimed to have totally secure site when he had no control of the code and never had it reviewed for 10+ years.
4) Stuff polls on Name pros with employees.
5) Fake reviews on Trustpilot
6) Hired Joey Camps and maybe others to "research" Mollie because of her Wiki entry about Epik.
7) Lied about hack
8) Lied about taking down Joey Camps' website.
9) Said hosting was on own servers but was reselling AWS.
10) Threatened entire NP forum and owner.
11) Lied about me (actual defamation) and threatened me.
12) Lied about storing of FULL credit card details
13) Lied about scope of the hack.
14) Sent shills to namepros to parrot his lies.

 

[Jason Baudendistel]

I had to cancel one of my business credit cards and get a new one issued. Had a bunch of random charges including from Apple. Some poor soul stole the number and actually purchased Apple products.

 

[bmugford]

I had to cancel one of my business credit cards and get a new one issued. Had a bunch of random charges including from Apple. Some poor soul stole the number and actually purchased Apple products.

That sounds like a pain.

I hope Rob's posts that included pictures of lemonade and popcorn were helpful to you in some way.

In all seriousness, people are dealing with the fallout from this with no guidance or updates from Epik.

Brad

 

[FernandoBMS]

Wow, this thread got salty, unlike Epik's MD5 hashes

 

[jmcc]

Wow, this thread got salty, unlike Epik's MD5 hashes

Yep. But given the scale of the compromise, salts for MD5 hashing wouldn't have made much difference. As outlined above, the impact on ordinary Epik customers is now becoming visible.

Regards...jmcc

 

[johnn]

Nothing change.
He will not answer the questions about the incident.
He just keep advertising his company, insert the links and nonsense images like Lemonade, Popcorn, Batman, etc... like a little KID.
This is the behavior of an CEO of The BEST TECHNOLOGY Company on the Internet.
I am not sure about him anymore unless he has a mental problems?

 

[Windoms]

We have more domains under management today than on September 13, and without any new promo

 

[Joe123]

I don't know if it is linked or a coincidence but since the data dump, my email's spam service has caught far more spam, sometimes dozens of emails a day. And my email address is likely only included in the dump because Epik scraped my whois.

 

[koolishman]

Yes.

Lots of spam mails since the hack.

 

[tonyk2000]

Confirmed. More spam. Including nigerian princes. To all emails (whois scraping).

 

[Windoms]

We have more domains under management today than on September 13, and without any new promo

Seriously why would anyone transfer domains into a boat whose hull is made of come-and-hack-me-type-of-meat sinking in an ocean full of sharks and whose occupants are deemed to be nazis and child molesters?

(With sharks having done 3 assaults)

 

[Jurgen Wolf]

Some "hacker" spammed me today regarding Pegasus spyware etc.
And requested 1 BTC from me.

 

[tonyk2000]

Trustratings (powered by Epik), was mentioned in this thread earlier. I checked their score with Trustratings (powered by Epik):

https://trustratings.com/trustratings.com

Does not look good.

 

[tonyk2000]

Seriously why would anyone transfer domains into a boat

Transfer-in .com promo ($6.99)?

 

[johnn]

Transfer-in .com promo ($6.99)?

you get what you paid for.

 

[SirDrago]

Transfer-in .com promo ($6.99)?

That's souly the price but here is the true cost...

According to the hackers, the contents include:

• Domain purchases
• Domain transfers
• WHOIS history
• DNS changes
• Email forwards, catch-alls, etc.
• Payment history
• Account credentials
• Over 500,000 private keys
• An employee's mailbox
• Git repositories
• /home/ and /root/ directories of a core system
• Bootable disk images

 

[Jurgen Wolf]

Some "hacker" spammed me today regarding Pegasus spyware etc.
And requested 1 BTC from me.

And it was delivered to my Inbox, so even Google didn't recognize this spam.

 

[DN Playbook]

I signed up to an account but never conducted any business. However, my email has been exposed:

Have I Been Pwned: Check if your email has been compromised in a data breach

"In September 2021, the domain registrar and web host Epik suffered a significant data breach, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats."

It likely led to whois scraping of my domains at other registrars. My mistake was to use the same email I use for other registrars and whois info. Huge mistake.

 

[Jurgen Wolf]

I receive spam to my account email...
For WHOIS another email is used.

 

[Windoms]

My mistake was to use the same email I use for other registrars and whois info. Huge mistake.

Havent thought about that one but good idea moving forward.

 

[DN Playbook]

And it was delivered to my Inbox, so even Google didn't recognize this spam.

If your name and other personal data has been exposed and used in the spam email then Google will think it came from someone who knows you.

 

[Jurgen Wolf]

This sender didn't mention my name or personal details, he just sent this long letter to my Epik account email...

 

[br1ll1on]

And it was delivered to my Inbox, so even Google didn't recognize this spam.

if the sender ip is not blacklisted, the "from" email has no previous spam reports and there are only one to two links( or no links) in the email, google can't recognise as spam