alert Epik Had A Major Breach

DN Playbook said:

Have there been any comments from Rob or official statements from Epik?

Click to expand...

I think there was just one post here from Rob, which didn't help at all. There were a few emails regarding the situation.

FiniteCrystal said:

No, in this case the hacker was an activist attempting to expose Epik's wealth of unsavory customers.

Click to expand...

It's sad that those customers who are not involved in any of that are suffering. I use Epik only to benefit from their discounts and great customer service.

In the efforts of saving those $2, we lost much more. Cheap things often have hidden costs.

FiniteCrystal said:

in this case the hacker was an activist attempting to expose Epik's wealth of unsavory customers.

Click to expand...

Why is it that there is so much attention being given by the activists and researchers to the Epik's so called unsavory customers, but all the other registrars and hosting companies that cater to all kinds of other unsavory customers and bad actors are being ignored.

What does your research reveal about the dark web and the things that go on in it.

Why are the so called racist groups that are politically of some interest to others getting all the spotlight while the child, drug, and sex trafficking sites are being ignored for the most parts by the activists and researchers.

IMO

oldtimer said:

Why is it that there is so much attention being given by the activists and researchers to the Epik's so called unsavory customers, but all the other registrars and hosting companies that cater to all kinds of other unsavory customers and bad actors are being ignored.

What does your research reveal about the dark web and the things that go on in it.

Why are the so called racist groups that are politically of some interest to others getting all the spotlight while the child, drug, and sex trafficking sites are being ignored for the most parts by the activists and researchers.

IMO

Click to expand...

There's nothing "so-called" about it, Epik made a name for themselves by accepting customers that other registrars terminated or didn't want to touch with a ten foot pole. This led them to attract more customers with similarly nefarious intentions. They were literally using domains getting kicked off of other registrars when they attracted negative press attention as a marketing stunt. In the aftermath of the Texas GOP's abortion snitch website being booted from GoDaddy and moving to Epik, it's no wonder that activists targeted them. If you don't want to deal with hacktivists, don't make yourself an attractive business for the authoritarian ghouls that want to destroy people's bodily autonomy.

Now, if we can get back to questions about the contents of the data instead of bickering over Epik's clientele, I'd appreciate it.

I'd also like to add that activists are actually interested in the data that relates to child or sex trafficking. Some discussion of this stuff is already taking place on Twitter, but it's important to research things thoroughly and make sure that the information is handed over to the appropriate authorities. Activists want to name and shame the people using Epik to spread hateful propaganda, heinous sex crimes are a more sensitive subject.

Thanks for your detailed response,

I am just curious if the actions taken here by the activists and researchers are motivated by politics or not.

I personally like to point out all that is ailing our World regardless of politics or any loyalties or affiliations to anyone side or group.

We all need to be activists 360 degrees.

IMO

oldtimer said:

I am just curious if the actions taken here by the activists and researchers are motivated by politics or not.

Click to expand...

Nobody is being shy about admitting their political bias. Anyone who does tell you that their actions aren't politically motivated is a liar. Political science is the study of policies and systems that govern every aspect of our everyday lives. Activism aims to change or improve those policies and systems to make the real world better resemble your ideal reality.

We've had our history with activism here. It can be useful at times, but to effect change it is sometimes much more useful to use diplomacy.

Diplomacy has it's place but is extremely ineffective if your political opponents are not interested in it.

NameFu said:

This profile already has 11k followers
https://twitter.com/epikfailsnippet?s=20

Click to expand...

Does this profile belong to guys behind all this?

This thread is slowly "dying". Which is an expected outcome imo, as, basically, everybody already said what they wanted to.

As a curiousity, I checked social networks and, to my surprise, found that "epik fail" theme is quite active there. Why is this? Why such a contrast?

Moreover, folks are now mixing covid+vaccines, far-right, neo-nazi and underage adult domains. Common sense prompts that neo-nazi supporter may well elect to receive a vaccine jab and may trust the "official" covid version(s). Why not? Similarly, far-left supporter may well elect not to receive a vaccine and question the "official" covid version. Again, why not? Health and politics are not the same. (I'm not U.S. citizen or resident though, so, if these things are working differently in U.S. - please correct me).

We support all good and we are against all bad things? A naive approach. So, even though I'm not Epik fanboy (zero domains now, zero domains on March 1st hack date, just an old dormant account) - I'm starting to think that what we see now in social networks is somewhat orchestrated. If so, it is directed against Epik as a company... And, politics + other stuff is just an excuse. At least, today. Why may be behind this and why - it is an open question.

It does not mean that the same entities "ordered" the original hack though... With such a low security, it was just a matter of time for epik to be hacked.

Just imho.

tonyk2000 said:

This thread is slowly "dying".

Click to expand...

Having read all 1,411 posts to date, I feel that's probably a good thing...! There has been a fair bit of running in circles at times.

tonyk2000 said:

I'm starting to think that what we see now in social networks is somewhat orchestrated. If so, it is directed against Epik as a company... And, politics + other stuff is just an excuse. At least, today. Why may be behind this and why - it is an open question.

Click to expand...

It is an interesting question. Not sure if we'll ever know the truth. But I must admit, with the level of hatred I have seen toward Epik/Rob at times, I have certainly felt that some people pretty much don't intend to stop until Epik is destroyed. I hope that's not the end result as it certainly isn't a good thing for the domain industry. But it's a sad situation.

In this case I don't know which came first - the chicken or the egg (i.e. the dislike for Rob and his political views, and thus the desire to ruin him, or whether people just use the political narrative as an excuse). There's not too much doubt that some have disagreed incredibly strongly with the way that Rob and Epik can be hard to separate in terms of politics. This has not helped the cause. But with all that aside I feel quite sure that the attacks now have taken a life of their own and no doubt there are some people involved who have no knowledge at all of Epik, but just like to... well, wreck things.

All IMHO of course.

This morning I received an APP notification that there was a new alert in one of my credit card apps. I logged into my account and looked at the new alert...

Here's what the alert said:

Email Address: (my email address)
Breached Site: epik.com
Password: Not exposed
Date Found on dark web: Sep 23, 2021

I was already nervous before this alert. Now I'm more nervous and getting really mad at the same time.

NicTraders said:

with the level of hatred I have seen toward Epik/Rob at times, I have certainly felt that some people pretty much don't intend to stop until Epik is destroyed.

Click to expand...

Besides that time in 2019/2020 when namepros was being flooded with epik promotion, I dont recall any hate towards epik. All the hate came down when it stopped.

Attacks/critics were inevitable, after labelling yourself as the guardian of deviants, extremists and racists.

What wasnt expected was the poor level of security that was intended to protect such people, after building your brand around that mind bending security and privacy.

Now their lives are f*ck*d.
Silly situation.

I feel the flaunting of the hack on Twitter has set a nice path for the FBI to go down .. when all of this is said and done .. due to the technology that the FBI and NSA have that hackivist have no idea they have .. It will not only net good results in the Epik hack .. but good results across the board .. younger people have not lived long enough to know .. the government always has technology far superior to that has been released to society .. there is nothing new with that .. just have to have been alive a while to know it and see it as it passed down when they are ready for mainstream society to have it ..


So basically … the hackivist and some people here feel justice has been served on Epik . while the people who use Epik for domaining Will most likely see justice served for their information and financials being hacked and released

.X. said:

I feel the flaunting of the hack on Twitter has set a nice path for the FBI to go down .. when all of this is said and done .. due to the technology that the FBI and NSA have that hackivist have no idea they have .. It will not only net good results in the Epik hack .. but good results across the board .. younger people have not lived long enough to know .. the government always has technology far superior to that has been released to society .. there is nothing new with that .. just have to have been alive a while to know it and see it as it passed down when they are ready for mainstream society to have it ..


So basically … the hackivist and some people here feel justice has been served on Epik . while the people who use Epik for domaining Will most likely see justice served for their information and financials being hacked and released

Click to expand...

They might have the technology yes, but the ressources, human time and effort to go and protect anyone whose info is released, I think you are being a little bit too optimistic/patriotic there.

A lot of people with bad intentions are going to get their hands on this data, dont rely on fbi.

Windoms said:

Attacks/critics were inevitable, after labelling yourself as the guardian of deviants, extremists and racists.

Click to expand...

Well, I don't recall seeing them label themselves as the guardian of such. Others labelled them in this manner. My recollection is that they labelled themselves as the guardians of free speech. Don't get me wrong - I don't support some of the sites they have hosted (even if it was in the name of free speech) - but by the same token I think they're a bit mis-characterized by the way they've been labelled.

Windoms said:

What wasnt expected was the poor level of security that was intended to protect such people, after building your brand around that mind bending security and privacy.

Click to expand...

Yes, gotta agree with you there. The offending Russian code which has been blamed should have been sorted out years ago.

Windoms said:

They might have the technology yes, but the ressources, human time and effort to go and protect anyone whose info is released, I think you are being a little bit too optimistic/patriotic there.

A lot of people with bad intentions are going to get their hands on this data, dont rely on fbi.

Click to expand...

This is my 4th data breach … I have already posted it .. but the last breach I was in thoroughly pissed me off .. changing CC numbers and all that … so I left the CC as it was .. sure enough someone used it .. I figured they would .. or was hoping so .. they did .. for two transactions of the exact same amount totaling $2,500 .. a good felony .. so I contacted the CC company .. then I contacted the FBI .. the result netted 18 Arrests .. 18 felony convictions .. what was pertinent to catching the people was the FBI knowing where the CC information was stolen from .. it ended up that they caught one person .. that one person snitched out another person .. that person snitched out another person .. it was a chain reaction among the criminals to try and save their ass while snitching on their friends …

it was quite the event .. I expect the same to happen with this Epik hack .. I have left my CC completely wide open for this .. it is open season to use .. I feel the Epik hack is going to net quite an event of arrests .. everything from the hacker to accomplices who don’t think they have done anything wrong .. intent and participation are everything in a court of law .. I learned something years ago after being arrested .. a judge told me .. ignorance of the law is no excuse ..

I am not proud of it .. but I have been arrested 14 times .. the most recent last year in Tulsa Oklahoma for assault .. the charge was dropped on that one .. 5 of the arrest resulted in convictions .. I have spent time in jail … I know the system.. due to being a dumb ass .. I know the laws damned good .. I know how things work once inside the jail ..inmates despise snitches .. inmates despise what is called trick and treat .. Hackers fit the trick and treat agenda .. they better hope they are put in solitary confinement.. that much I know .. they do not separate inmates by political affiliation or any thing else for that matter .. they don’t care .. I have been in a jail pod where they put rival gang members .. none of that shit matters inside .. everyone is on their own .. if a person enters a cell pod with what is called “Bad Paper Work “ = a crime or crimes that are not excepted by other inmates .. that person will not be in that cell pod long .. they will most likely be in the infirmary completely fucked up ..

Focus on securing your assets (dn's etc).

A problem for all companies in international business is lack of understanding "international" part (law, culture, folklore, beliefs, food, drink, etc) and effect on ...

Regards

The junk email issue now started to emerge.
In the past, I only got 5-10 junk mail per day but now I got 25-30+ per day.

NicTraders said:

Well, I don't recall seeing them label themselves as the guardian of such. Others labelled them in this manner. My recollection is that they labelled themselves as the guardians of free speech. Don't get me wrong - I don't support some of the sites they have hosted (even if it was in the name of free speech) - but by the same token I think they're a bit mis-characterized by the way they've been labelled.

Click to expand...

Its your responsibility to know where you are putting your feet.
You deal with these people, you know you are getting backlash.

.X. said:

This is my 4th data breach … I have already posted it .. but the last breach I was in thoroughly pissed me off .. changing CC numbers and all that … so I left the CC as it was .. sure enough someone used it .. I figured they would .. or was hoping so .. they did .. for two transactions of the exact same amount totaling $2,500 .. a good felony .. so I contacted the CC company .. then I contacted the FBI .. the result netted 18 Arrests .. 18 felony convictions .. what was pertinent to catching the people was the FBI knowing where the CC information was stolen from .. it ended up that they caught one person .. that one person snitched out another person .. that person snitched out another person .. it was a chain reaction among the criminals to try and save their ass while snitching on their friends …

it was quite the event .. I expect the same to happen with this Epik hack .. I have left my CC completely wide open for this .. it is open season to use .. I feel the Epik hack is going to net quite an event of arrests .. everything from the hacker to accomplices who don’t think they have done anything wrong .. intent and participation are everything in a court of law .. I learned something years ago after being arrested .. a judge told me .. ignorance of the law is no excuse ..

Click to expand...

Seems like that was fortunate. But I think with basic due diligence anyone could use your card without getting caught. Especially in this case where they dont need accomplices as the info is right there ready to be crafted however they please. I wouldnt leave my card "wide open" on this one, unless you want to go through the hurdles of getting a refund, cancelling the card and getting a new one at a time when you might not want that to happen.

Did not realize that one of the subpoena'ed domains was related to the SolarWinds hack, and that "Malware used against SolarWinds pinged a site hosted by Epik."

https://www.dailydot.com/debug/epik-hack-subpoenas-data-preservation-leak/

Did anyone receive a suspicious looking mail allegedly from E?

Got 1 apparently from "maychen" @ E with super suspicious title "follow up". Sounds like a spammer/scammer with spoofed email address but I'm not sure.