Epik Had A Major Breach

Labeled as alert in Warnings and Alerts, started by Silentptnr, Sep 14, 2021

Replies:
3,616
Views:
191,381

  1. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    So all the traffic was being stored?
     
  2. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    No, but I do care about others. He was promising everyone it was fully secure and private but it was really a white label he had no control of, like pretty much every single thing at Epik, e.g. their entire website.
     
    Last edited: Oct 13, 2021
  3. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    No sign that VPN traffic was captured or stored by Epik. Maybe. Other actors, also possible. Dots may be connected with the config files.
     
  4. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    That would be a huge story if URLs were visible from VPN users? Be great if someone dug into that.
     
  5. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    Please note, this is speculation, but serves to clarify how this works.

    Parties that store encrypted VPN traffic are often state actors with many technical capabilities. These actors won't do that for just any single home user using a VPN, but a commercial party offering these services at large to a certain segment of interesting clients may be in their sights.

    When network traffic is indeed stored, and that can be done at many different places in the network path (often via Internet exchanges where many parties peer data), you will not hear anything about it. Depending on how Epik has configured OpenVPN, historical network traffic can be decrypted. It is concerning that Epik kept all these historical OpenVPN config files on their servers/backups. Since they did this, I have a lot more questions about how they have properly configured all their super-secure services.

    Edit/add:
    https://en.wikipedia.org/wiki/Forward_secrecy
    https://theintercept.com/2018/06/25/att-internet-nsa-spy-hubs/
    https://techcrunch.com/2018/06/25/nsa-att-intercept-surveillance/
     
    Last edited: Oct 13, 2021
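
Added example (not part of the original post and not Epik's configuration): a small Python check of the OpenVPN settings that decide whether recorded traffic stays unreadable if long-term keys later leak, which is the forward-secrecy point the post above links to. The two sample configs are constructed, and the checks cover only the `secret`, `tls-cipher` and `reneg-sec` directives.

```python
import re

# Constructed sample configs for illustration (not taken from any real deployment).
STATIC_KEY_CONF = """\
dev tun
secret static.key   # pre-shared static key mode
cipher AES-256-CBC
"""
TLS_CONF = """\
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-256-CBC-SHA
reneg-sec 0
"""
# Suites whose key exchange is ephemeral (IANA-style or OpenSSL-style names).
EPHEMERAL_KX = re.compile(r"^(TLS-)?((EC)?DHE|EDH)-")

def parse(text):
    """Map each directive to its argument list; '#' and ';' start comments."""
    conf = {}
    for line in text.splitlines():
        line = re.split(r"[#;]", line, maxsplit=1)[0].strip()
        if line:
            name, *args = line.split()
            conf[name] = args
    return conf

def audit_forward_secrecy(text):
    """Return findings about settings that weaken forward secrecy."""
    conf, findings = parse(text), []
    # Static-key mode: the same key file encrypts all past and future sessions.
    if "secret" in conf:
        findings.append("static-key: one long-lived key protects every session")
    # RSA key transport lets a later private-key leak unlock recorded handshakes.
    for suite in (conf.get("tls-cipher") or [""])[0].split(":"):
        if suite and not EPHEMERAL_KX.match(suite):
            findings.append(f"tls-cipher: {suite} has no ephemeral key exchange")
    if conf.get("reneg-sec") == ["0"]:
        findings.append("reneg-sec 0: time-based data-channel rekeying is disabled")
    return findings

if __name__ == "__main__":
    for label, sample in (("static", STATIC_KEY_CONF), ("tls", TLS_CONF)):
        for finding in audit_forward_secrecy(sample):
            print(f"[{label}] {finding}")
```

A config that reports nothing here still depends on the private keys and key files themselves being kept off shared servers and backups.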
  6. Molly White

    Molly White Established Member

    Posts:
    90
    Likes Received:
    546
    There are multitudes of reasons it's a good idea to use a trustworthy VPN besides living under those governments.
     
  7. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    His first VPN was 100% white label so who knows what's up with that company's storage policy. After abuse in the Fediverse from a bunch of us he finally bought some servers and made his own VPN using that OS code I guess, but I was always curious if he was storing URLs. I don't know how many people were actually using Epik VPN but if he was storing their URLs he would be in some serious hot water.
     
  8. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    URLs are only metadata. You want to have the content of conversations.
     
  9. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    What conversations?
     
  10. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    You want to see which data is being exchanged (the content of websites, email conversations, chats, calls, etc). Since you mentioned "URLs", I wanted to clarify what parties that store encrypted network traffic are really looking for. Sometimes it can be metadata, sometimes it's more than that.
     
    Last edited: Oct 13, 2021
  11. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    Hmm, I thought stored URLs was worst case scenario. There is money in data and Monster loves money. I really hope someone digs into this. Gab did the same with their dumb browser, a Brave fork, recorded and sent every URL to some black box in the code. Brave called them out for that.
     
  12. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    My answers are based on security risks. Your approach seems to be more about commercializing user data. That is something else. Possibly. No idea. I have no reason to believe that happened.
     
  13. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    Mine is also security risk but all things are possible. But also, in many cases, like Gab's case, owners are forced to add such things to keep out of jail.
     
    Last edited: Oct 13, 2021
  14. Jona4s

    Jona4s Established Member

    Posts:
    125
    Likes Received:
    154
    If you want to remove this message it's fine, but it's all blanked out so nothing sensitive.

    Just to give an idea what's out there being scraped on onion sites.

    [​IMG]

    Another thing I've read is that a considerable percentage of the leaked client IPs responded to a scan with some open ports. That's one step away from a script with shellcode and an rsync of all their disk data.

    I'm not saying users' disks are also on onion, but some IPs were tested and found vulnerable to remote exploitation.
     
    Last edited: Oct 13, 2021
  15. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    Are these Epik IPs associated with Russia as well?

    Slightly related but relevant because of the "shitty Russian code" RM mentioned in the video meeting:

    Russia excluded from 30-country meeting to fight ransomware and cyber crime
    "WASHINGTON, Oct 13 (Reuters) - Russia was not invited to attend a 30-country virtual meeting led by the United States that is aimed at combating the growing threat of ransomware and other cyber crime, a senior administration official said. Many ransomware gangs operate from Ukraine and Russia, private sector cybersecurity experts say. Some U.S. officials and analysts have said Russian ransomware gangs operate with the Kremlin's tacit approval, but are not directly controlled by the government."
    https://www.reuters.com/world/russi...eting-fight-ransomware-cyber-crime-2021-10-13
     
    Last edited: Oct 14, 2021
  16. jmcc

    jmcc Top Contributor VIP ★★★★★★★★★★

    Posts:
    2,003
    Likes Received:
    2,518
    This video clip from the Day Of The Jackal sums up the difference between the approach of state level actors and that of hacktivists:


    Regards...jmcc
     
  17. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    Considering that all of Epik's code is public, and the epic amount of holes in the code, isn't Epik in a constant state of hack? And if so, how can they, in good faith, be taking people's credit cards, transferring domains or anything?

    I bet Monster is afraid to announce that Epik is now fully secure because the hackers will post some funny image on Epik's homepage within hours.
     
  18. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    This is what has been communicated by Epik in the overview of 'actions taken' by the company:

    "Shut down all outside access endpoints into Epik’s systems;"

    There are now several ways to interpret this further. Let's hope^wpray for the best.
     
    Last edited: Oct 14, 2021
  19. ArchCityAnon2

    ArchCityAnon2 New Member

    Posts:
    8
    Likes Received:
    22
    This is a good read, and largely accurate for the most part.
     
  20. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    I can confirm his expertise.

    Welcome to the forum.
     
  21. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    Interesting. When was this approximately?
     
  22. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    2019'ish. I've heard he has done the same with many alt-right companies. His dream is to take over Gab. Always has been. He may have started investing earlier this year and last when gab was down to about $20K in the bank and burning about $40K/month.
     
    Last edited: Oct 14, 2021
  23. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    2,490
    Likes Received:
    8,377
    I'm unable to check, but since you've provided supporting evidence on other matters here on several occasions, I'm inclined to believe this. This looks like very active acquisition. Relevant because I consider it the motive for the current data leaks by the ladies.
     
    Last edited: Oct 14, 2021
  24. ArchCityAnon2

    ArchCityAnon2 New Member

    Posts:
    8
    Likes Received:
    22
    Before he takes over Gab he may want to check out your video naming Gab as a pedo site. That would be a bad business move if you're correct.
     
  25. Derek Peterson

    Derek Peterson Restricted (15-30%) Gold Account

    Posts:
    323
    Likes Received:
    251
    I told Monster of Gab's pedo problems within weeks of him taking their domain to Epik (see attachment). He called me a liar and threatened me and tried to make me take down my videos exposing Gab.

    The hosting company Epik purchased, where Gab was hosting at that time, was 3 literal teens running a couple servers on leased racks that hosted lolicon and pedo porn doing about $2.500/month in revenues.

    Epik currently HOSTS tons of pedo sites.
     

    Attached Files:

    Last edited: Oct 14, 2021
