Dynadot

alert Epik Had A Major Breach

NameSilo
Watch

Silentptnr

Domains88.comTop Member
Impact
47,106
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
That's quite the rabbit hole. LOL. I wouldn't be surprised if CIA, DOJ, FBI, and other governments were monitoring/spying. But if any of them owned E it would have been run a lot smarter. LOL.

I'm sure it will be found out. Including the ones investing in this business with their capital.
 
Last edited:
0
•••
That's quite the rabbit hole. LOL. I wouldn't be surprised if CIA, DOJ, FBI, and other governments were monitoring/spying. But if any of them owned E it would have been run a lot smarter. LOL.

They probably were but they can't use the data to prosecute without warrants and they can't get the warrants without probable cause against individuals. No way they could blanket warrant to go on fishing expedition SO they use these hackers to do their dirty work and publish the data publicly, then they can use to bring charges or co-opt people with threats to work as CIs.
 
1
•••
what is mimic?

Screenshot_20211020-063627_Google.jpg
 
1
•••
2
•••
A quick glance learned that it were historical OpenVPN config files with secrets. That could possibly be another attack vector when historical VPN traffic was captured.

@Derek Peterson At time of writing, this was my best explanation. With the new information that got published about the breach, I have my doubts about the word 'historical' VPN traffic which might as well be 'current' VPN traffic. Still not sure, but have to alert of the possibility.
 
Last edited:
2
•••
Intrust Ownership of Epik: Intrust Domains LLC owns 0.87% of Epik. These shares were issued as part of the consideration to acquire Intrust's registrar operations in 2011. No other assets were acquired in that deal. Intrust does not have any Board representation and have never had any. This asset purchase was done with Kenn Palm in 2011. Kenn has since left the domain industry altogether. I am still in contact with Kenn as I am a reference for his IT Consulting Business, Pilgrim Consulting.
Rob Monster, Nov 21, 2015 in the "Epik announces Escrow service" thread.
 
3
•••
This wasn't a response to me, just want to add a comment:

AYou should also know that many people have accused Monster of many things here and asked him many questions but he has not responded or even tried to defend one of them. You wanna know why? Because they are true.

"Slander is a legal term used to describe defamation or the act of harming a person or business's reputation by telling one or more people something that is untrue and damaging about them."

Ironically, Monster has "slandered" me many times to many people, including publicly on this very website, and privately to the owners of this website and others.

In writing it's called libel, spoken is slander.

In case anyone is wondering, with Monster as with Dicker, it is virtually impossible to libel a person who is a "public figure" such as for example a head of a "major corporation" - statements made would have to be not just false, but proven to be motivated by "malice" and that is very, very difficult and expensive to prove.

https://www.dmlp.org/legal-guide/proving-fault-actual-malice-and-negligence

Public Figures

There are two types of "public figures" recognized under defamation law: "all-purpose" public figures and "limited-purpose" public figures.

All-purpose public figures are private individuals who occupy "positions of such persuasive power and influence that they are deemed public figure for all purposes. . . . They invite attention and comment." Gertz v. Robert Welch, Inc., 418 U.S. 323, 345 (1972). For these individuals, the actual malice standard extends to virtually all aspects of their lives.

This category includes movie stars, elite professional athletes, and the heads of major corporations. Tom Cruise is one; that character actor you recognize instantly but can't quite name is probably not an all-purpose public figure.

Of course if Rob Monster should defame people who are not public figures that is a different matter.
 
Last edited:
3
•••
Last edited:
1
•••
So I think noone will complain and I won't get banned if I finally reveal that those mysterious bcc's to russia found by Finite Crystal were going to "intrust @ pilgrimcs .net" and the domain invoice was paid by Vitaliy Opryshko in Crimea and Russia.
 
3
•••
So I think noone will complain and I won't get banned if I finally reveal that those mysterious bcc's to russia found by Finite Crystal were going to "intrust @ pilgrimcs .net" and the domain invoice was paid by Vitaliy Opryshko in Crimea and Russia.

Hmm... Very interesting.

It seems like there is quite the tangled web here.

More and more will come out as everyone from low level amateurs to top level cybersecurity professionals keep looking at and analyzing the data.

I am starting to wonder what products Epik marketed are actually their own products, and what are just "white label" masquerading as their own.

Brad
 
Last edited:
2
•••
Last edited:
1
•••
Kind of explains to me why incoming mail for epik.com is handled by Google then.
 
0
•••
5
•••
Last edited:
5
•••
2
•••
Last edited:
2
•••
At this point, it seems reasonable to give Derek more credit for what he has contributed.
 
Last edited:
4
•••
7
•••
Just stumbled on this website -

https://all.ca/domain-search.php

A lot of the site is a clone of Epik. Is this site related to Epik, or are both using some "white label" software?

Epik -

Tired of annual renewals? Ever worry that you might have forgotten to renew an important domain? Save time, save money and skip the stress by registering your domains at Epik. Forever.

All.ca -

Tired of annual renewals? Ever worry that you might have forgotten to renew an important domain? Save time, save money and skip the stress by registering your domains at All.ca. Forever.

Both sites also are using TrustRatings.com and the footer template is identical along with a lot of the wording.

Brad
 
Last edited:
5
•••
Just stumbled on this website -

https://all.ca/domain-search.php

A lot of the site is a clone of Epik. Is this site related to Epik, or are both using some "white label" software?

Epik -

Tired of annual renewals? Ever worry that you might have forgotten to renew an important domain? Save time, save money and skip the stress by registering your domains at Epik. Forever.

All.ca -

Tired of annual renewals? Ever worry that you might have forgotten to renew an important domain? Save time, save money and skip the stress by registering your domains at All.ca. Forever.

Both sites also are using TrustRatings.com and the footer template is identical along with a lot of the wording.

Brad

Epik is all over the source code. The social media links are to Epik, the phone number being used is the one above on WeCanDevelopIt.com for Epik. The nameservers are Epik.

It is probably nothing really, I just find it interesting that there is an Epik clone site like that out there.

Brad
 
Last edited:
4
•••
You couldn't make this stuff up. It's almost the making of a film. Ah someone already did it, called it Swiss Miss...

Stanley and Oliver are mousetrap salesmen hoping to strike it rich in Switzerland, but get swindled out of all their money by a cheesemaker. While working off their hotel debt, Oliver falls in love with a chambermaid, Anna, who in reality is a famous opera singer spying on her composer husband, Victor, while he works on his new opera. The boys are assigned to move Vic...

https://www.imdb.com/title/tt0030824/
 
Last edited:
3
•••
Epik is all over the source code. The social media links are to Epik, the phone number being used is the one above on WeCanDevelopIt.com for Epik. The nameservers are Epik.

It is probably nothing really, I just find it interesting that there is an Epik clone site like that out there.

Brad

I found a post on another forum referencing All.ca by Epik, so looks like it is their website. I am not even sure if it is live yet.

I hope it is not built on the same code that lead to this data breach.

Brad
 
Last edited:
2
•••
The worrisome thing is that customers that didn't know about all this, will now be part of the investigations.
 
3
•••
Last edited:
2
•••
This is still a good time to file additions to the data breach notifications in all US states. The info that was prepared earlier by the lawyer is far from complete and was only about the 1st Epik data leak.
 
Last edited:
3
•••
Back