
Epik Had A Major Breach


Silentptnr

The views expressed on this page by users and staff are their own, not those of NamePros.
@Rob Monster posted on that "other forum" this:

"Surprise, surprise. NamePros decided to run the "Registrar of the Year" poll right on the heels of the very high profile NP Epik hack thread that I am referring to as a "struggle session"."

So the hack is a "struggle session" to persecute him. Not anything to do with the exposed personal data that he stored which was open to any hackers, even script kiddies. Poor guy, let's give Rob some slack.

Search "struggle session" if you don't know what it means.
 
which was open to any hackers

This should not be overlooked. There are several indicators of compromise (IoC) of previous hacks and APT, command-and-control structures that were not detected or stopped adequately. In the category C2, one is the AR21-039B CISA/USgov analysis that made the connection with the Russian government. Yes, Anonymous' circles leaked all the data, not good. But don't forget about other actors that already used and exploited the systems.

Reform and rebuild.

And drop the domains mentioned in the various analyses.
 
Now we can see the real face of Rob Monster. For those of you who don't know who Rob Monster is, search on Google for definition of:
- Rob
- Monster
 
Now we can see the real face of Rob Monster. For those of you who don't know who Rob Monster is, search on Google for definition of:
- Rob
- Monster
Mommy didn't spank him
 
Could someone technically inclined please make a list of all the specific things that Monster/Epik did and didn't do that they should have done? E.g., saving failed login attempts in clear text or at all, saving credit card details on their own server. Perhaps in order from most to least egregious.

Don't be lazy. You can get all this information by reading Rob's official statements. When is the CNN thing?
 
If I could ask only 1 question it would be whether management has been aware of all this. The other questions then no longer need to be answered.
 
I was trying to ask these questions many pages ago and am thrilled that folks are digging deeper into this.
 
For example, earlier today, I interviewed a retired US Major General with a deep background in security, including cybersecurity.

Which Brigade?
 
Who took the first initiative at the time to sell that registrar business to Epik?
 
Who took the first initiative at the time to sell that registrar business to Epik?

"We made a decision that a client, or a supplier, that we were working with at the time called IntrustDomains based in Colorado Springs, they were providing software for drop catching. So when the domain name expires you drop catch it. They were providing us with drop catching services. But their customer service was atrocious, and so I flew down to Colorado Springs, talked to Kenn Palm who’s the founder and owner, and I said, “Kenn, you guys are really, really bad at customer service. Why don’t you sell me your registrar and let me run that registrar?” And so he agreed, and he didn’t charge me a ton, and so we bought that company, and it came with a Russian development team. So this was 2011, I think. June 2011."

Transcript of Rob Monster's live Q&A following the Epik breach (mollywhite.net)
 
"We made a decision that a client, or a supplier, that we were working with at the time called IntrustDomains based in Colorado Springs, they were providing software for drop catching. So when the domain name expires you drop catch it. They were providing us with drop catching services. But their customer service was atrocious, and so I flew down to Colorado Springs, talked to Kenn Palm who’s the founder and owner, and I said, “Kenn, you guys are really, really bad at customer service. Why don’t you sell me your registrar and let me run that registrar?” And so he agreed, and he didn’t charge me a ton, and so we bought that company, and it came with a Russian development team. So this was 2011, I think. June 2011."

Transcript of Rob Monster's live Q&A following the Epik breach (mollywhite.net)

Sounds like a good deal.
 
Sounds like a good deal.

Good deal for which party? Did Intrust know how bad the code was and just wanted to unload it and got a great opportunity? Sounds like the seller was motivated.
 
Your narrative ops are transparent and weak. You showed up late to the party if you wanted to attempt to persuade the onlookers that this was bad; media cycle disagrees universally, the feds that lurk my Twitter feed (lol) are incredibly positive on it, it has resulted in the boosting of several federal investigations, Anonymous essentially *helped* the FBI here, as gross as that is for me to type out.

Thanks. Is there more to tell about this? Any developments that you're aware of, recently?
 
This includes . . . NamePros "special relationship" with GoDaddy and Dynadot, and more.
Rob probably thinks that because:
In the interest of transparency, our team has voted for Google, Dynadot, and GoDaddy in past polls. These were solely our personal opinions as customers.

However, our access to vote in polls was removed a while ago after a decision was made that we shouldn’t use mod accounts to vote our personal opinions, so our votes won’t be reflected this year.



Surprise, surprise. NamePros decided to run the "Registrar of the Year" poll right on the heels of the very high profile NP Epik hack thread that I am referring to as a "struggle session".
To be clear, NamePros had no role in the decision of when this poll would run, and we didn't know about the poll until it was posted: Read more.

The poll's creator confirmed:



@Rob Monster, your misinforming and misleading words are not appreciated.

Please try not to assume the worst about others.
 
Did Intrust know how bad the code was

We will probably never know more about that aspect of the 'shitty Russian code', as the CEO/partner (of which company then?) put it so eloquently in the video meeting with the hackers, against the advice of his lawyers. What we do know is that Epik's CEO couldn't get to the codebase, he was not allowed access, so the shitty coders knew at least something about security here and there. Mind you, the C2 infrastructures that have been found on the systems fall in the technically highly advanced category. It's not often that the White House describes things the way it did.

This is also the reason why I asked Rob about exact brigade number, because these things now really matter, on all sides.

https://blog.mollywhite.net/monster-qa/
 
For those interested in the broader context regarding Russia, cyber attacks, and elections, you could start here and follow subsequent articles. Or better, do your own research on your favorite media outlet.

PayPal and other partners were probably informed, which could've been the major reason for the termination. Writing epic letters mentioning registrar polls on NP won't work at that point, I'm afraid.
 
To be clear, NamePros had no role in the decision of when this poll would run, and we didn't know about the poll until it was posted: Read more.

The poll's creator confirmed:


@Rob Monster, your misinforming and misleading words are not appreciated.

Please try not to assume the worst about others.

Truly, the pettiness of the man is unbelievable. Instead of posting updates of the response to the hack, he concerns himself with this?! By writing a long post about a random forum poll he is not in the lead in?! In which post he writes conspiracy theories?! This is what his mind is on. It's all about him. Not about his customers.

IMO, he acquired that other forum to attack NP, receive adulation from his fanatics, and promote his narrative. That's what it looks like. Because he is clearly displaying narcissistic behavior.
 
Also, it is very interesting how he phrased it:

Surprise, surprise. NamePros decided to run the "Registrar of the Year" poll right on the heels of the very high profile NP Epik hack thread that I am referring to as a "struggle session". - RM on the other forum

He didn't write, a high profile hack. He wrote "the very high profile NP Epik hack thread". Does that sound to anyone else like he is enjoying all of this attention?
 
With 'struggle' he means that their customers and all other affected stakeholders have to find out on Twitter and in the press wth is going on there.
 