
Epik Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021

Replies:
3,612
Views:
190,999

  1. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,120
    Likes Received:
    11,019
    There was total slowness and trouble there... with any changes for domains.
    Not just login form.

    BEFORE this thread.
     
    Last edited: Sep 15, 2021
  2. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    Yes, you've mentioned that once or twice. ;) Unfortunately, without additional information, that's not particularly useful in assessing what happened.
     
  3. Jurgen Wolf

    Jurgen Wolf Top Contributor VIP ★★★★★★★★★★

    Posts:
    12,120
    Likes Received:
    11,019
    For example, after I clicked the SAVE button for other nameservers, the success banner appeared after ~30 seconds.
     
  4. tonyk2000

    tonyk2000 Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,467
    Likes Received:
    4,426
    As a side note: the PDF mentions Epik-provided "hosting" of various websites the hackers do not like. I refreshed my memory and checked the WHOIS of a few domains of this nature (registered via Epik). I would not post the domains in this thread - it is indexed and may attract irrelevant comments from the non-domaining community as a result. But any domainer can generate such a list. Of the ~3 domains I remembered, ALL are using Cloudflare DNS servers and Cloudflare IPs. So, Epik serves as a registrar only. So, it is unclear what the hackers are speaking about. What real IPs, hosting companies, etc.? Just the non-private WHOIS (how real would it really be?)... payment details maybe (should be anonymous like BTC)...?
     
  5. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    a couple of things that we need to hear from the people themselves … first from Rob Monster concerning the whole situation .. second from Anonymous as to whether it is truly Anonymous that did the hack.
     
  6. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    @tonyk2000, I wouldn't read too much into the message written by the attacker.
     
  7. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    "Anonymous" isn't a cohesive entity or organization; it's just a term used by random attackers. The letter from the attacker even pokes fun at this fact:
    As such, there's no way you could "hear from Anonymous."
     
    Last edited: Sep 15, 2021
  8. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    I looked all over the internet .. including Dark .. I have found nothing from Anonymous stating they coordinated and are responsible for the hack .. so until clarity comes from Rob Monster and Anonymous.. I will just monitor
     
  9. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    I've already explained this.
     
  10. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    the hacker or hackers usually post a video .. if it’s an anonymous hacker .. maybe things have changed though .. who knows
     
  11. tonyk2000

    tonyk2000 Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,467
    Likes Received:
    4,426
    Yeah, indeed :) But, due to radio silence we have from epik... what else?
     
  12. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    It's never been like that. It's a common point of confusion.

    It would be akin to a group of people who wear jeans. Anyone can join the group by simply wearing jeans. Who represents the group? Well, nobody, really; it's just an arbitrary collection of people who have decided they want to be part of that collection.

    Attackers know this causes confusion and play it up.
     
  13. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    sorry .. I don’t dig through threads .. I join in on whatever page the thread is on and comment ..
     
  14. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,371
    Likes Received:
    6,768
    Skipped the couple of hundred posts. Is it true they were hacked? Sorry for being lazy but if true I'd better start transferring instead of going through all posts.
     
  15. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    I am fully aware it is not a group .. gang or the sort … it’s not an alliance .. it’s an allegiance and all that stuff .. I had a friend of mine do the Dark Web shit .. there was nothing of data release or any one flaunting responsibility for that attack ..at least not as of 3 am ..
     
  16. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    The data is being distributed publicly--not on the dark web, but out in the open. Links were accessible via various news articles yesterday. (Edit: I've removed references to specific news articles, since it's possible the authors didn't realize what they were publishing.)

    The snippets of data I've seen appear to indicate as much, but the dataset is quite large, so I don't think anyone can be certain at this point. Epik doesn't seem to have commented.
     
    Last edited: Sep 15, 2021
  17. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,599
    Likes Received:
    25,041
    Paul, thanks for chiming in; glad I tagged you. What would the steps be, in order from first to last, if you were consulted here or owned Epik in its entirety?
     
  18. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    there actually is a video that was posted on Twitter .. I am on my phone and can’t post it .. but it is common for Anonymous to post a video .. they did
     
  19. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    I would need to know a lot more about Epik, its staff, and its infrastructure before I would be able to answer that.

    If I were to be consulted, my first step would be to acquire that information.

    There's no "they."
     
    Last edited: Sep 15, 2021
  20. DirkS

    DirkS Dutchman.info VIP

    Posts:
    7,371
    Likes Received:
    6,768
    Thanks @Paul . Gonna be a busy night moving stuff... Fortunately there's a NC promo running. Got some developed stuff there (just regs, not hosting) so time is of the essence.
     
  21. .X.

    .X. In God I Trust VIP ★★★★★★★★★★

    Posts:
    17,115
    Likes Received:
    21,601
    I meant .. who ever did it .. it .. him .. her .. them
     
    Last edited: Sep 15, 2021
  22. Paul

    Paul CTO, NamePros CTO VIP Gold Account

    Posts:
    2,217
    Likes Received:
    4,245
    I suppose the one step that applies no matter what is: log everything. From the moment you find out there might be an issue, everything needs to be recorded. This has a number of benefits:
    1. It forces you to think about what you're doing instead of panicking.
    2. It provides a record of your response. Optionally, it can be published live to reassure users that you're responding to the incident.
    3. It ensures everyone responding is on the same page.
    4. For long incidents, it allows you to hand off, which is important: tired, stressed incident response teams make mistakes, so each individual on the team needs to be able to rest without fear of being paged.
    5. It enables you to learn from the incident after the fact.
     
    Last edited: Sep 15, 2021
  23. frostify

    frostify Top Contributor VIP

    Posts:
    1,836
    Likes Received:
    974
    I think it’s been a long enough period of silence from Rob/Epik that I’m going to begin the process of moving out domains to another registrar.

    At the very least they could have put a banner or blog post up saying “we’re investigating, here’s what customers should do in the meantime…” but they haven’t.
     
  24. Lox

    Lox _____ VIP

    Posts:
    3,829
    Likes Received:
    7,030
    The @ AnonOpsSE posted (@ AnonOps didn't )

    twitter .com /AnonOpsSE/status/1438100775968837636

     
  25. DN Playbook

    DN Playbook Established Member

    Posts:
    571
    Likes Received:
    968
    This thread is exploding. I still have a few pages to catch up on. Here are brief thoughts.

    Hackers come in many different colors. Most are determined to steal data and sell it on the dark web. Identity theft, bribes, ransomware, and other scams. This one sounds like it was motivated by Rob's position on free speech, hate speech to be precise. This is well documented on NP, Wikipedia, and many other sites, including journalist articles. I don't know what he was thinking. Maybe a way to differentiate his company.

    This is very true. The bigger the company gets the more likely it will become a target. But what is most important is what is the company's response.
     
