
Derek Peterson

Restricted (15-30%)
Impact
217
Why is their VPN so critical for you?
You live in China, Iran, RF etc. or why???

No, but I do care about others. He was promising everyone it was fully secure and private but it was really a white label he had no control of, like pretty much every single thing at Epik, e.g. their entire website.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
That would be a huge story if URLs were visible from VPN users? Be great if someone dug into that.

Please note, this is speculation, but serves to clarify how this works.

Parties that store encrypted VPN traffic are often state actors with many technical capabilities. These actors won't do that for just any single home user using a VPN, but a commercial party offering these services at large to a certain segment of interesting clients may be in their sights.

When network traffic is indeed stored, and that can be done at many different places in the network path (often via Internet exchanges where many parties peer data), you will not hear anything about it. Depending on how Epik has configured OpenVPN, historical network traffic can be decrypted. It is concerning that Epik kept all these historical OpenVPN config files on their servers/backups. Since they did this, I have a lot more questions about how they have properly configured all their super-secure services.

Edit/add:
https://en.wikipedia.org/wiki/Forward_secrecy
https://theintercept.com/2018/06/25/att-internet-nsa-spy-hubs/
https://techcrunch.com/2018/06/25/nsa-att-intercept-surveillance/
 
Last edited:
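
Added example, not part of the original thread or any poster's code: a small audit that reads an OpenVPN config and reports settings that weaken or remove forward secrecy, the property the post above says decides whether stored traffic can be decrypted later. The three configs and the host `vpn.example.net` are constructed samples, and the check only covers explicitly named `tls-cipher` suites, static-key mode and `reneg-sec 0`.

```python
# Constructed sample configs for illustration (not taken from any leaked file).
STATIC_KEY_CONF = """\
dev tun
remote vpn.example.net 1194
secret static.key
"""

RSA_KX_CONF = """\
client
remote vpn.example.net 1194
tls-cipher TLS-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
reneg-sec 0
"""

PFS_CONF = """\
client
remote vpn.example.net 1194
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
"""

def parse(conf):
    """Map each directive to its argument list, skipping comments and blanks."""
    directives = {}
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # OpenVPN comment markers
            continue
        name, *args = line.split()
        directives[name] = args
    return directives

def forward_secrecy_findings(conf):
    """Return a list of human-readable findings; empty means none of the checks fired."""
    d = parse(conf)
    findings = []
    # Static-key mode: the same pre-shared key protects every session.
    if "secret" in d:
        findings.append("static-key mode (secret): no forward secrecy")
    # Named suites without DHE/ECDHE rely on the server's long-term RSA key.
    for suite in (d.get("tls-cipher") or [""])[0].split(":"):
        if suite and not suite.startswith("!") and "DHE-" not in suite:
            findings.append(f"tls-cipher {suite}: no ephemeral key exchange")
    # reneg-sec 0 turns off time-based renegotiation of data-channel keys.
    if d.get("reneg-sec") == ["0"]:
        findings.append("reneg-sec 0: time-based rekeying disabled")
    return findings

if __name__ == "__main__":
    for name in ("STATIC_KEY_CONF", "RSA_KX_CONF", "PFS_CONF"):
        print(name, forward_secrecy_findings(globals()[name]))
```
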

Derek Peterson

Restricted (15-30%)
Impact
217
Please note, this is speculation, but serves to clarify how this works.

Parties that store encrypted VPN traffic are often state actors with many technical capabilities. These actors won't do that for a single home user using a VPN, but a commercial party offering these services at large to certain clients may be in their sights.

When network traffic is indeed stored, and that can be at many different places in the network path (often via Internet exchanges where many parties peer data), you will not hear anything about it. Depending on how Epik has configured OpenVPN (q=perfect forward secrecy, etc) historical traffic can be decrypted. It is concerning that Epik kept all these historical OpenVPN config files on their servers/backups. Since they did this, I have a lot more questions about how they have properly configured all their super-secure services.

His first VPN was 100% white label so who knows what's up with that company's storage policy. After abuse in the Fediverse from a bunch of us he finally bought some servers and made his own VPN using that OS code I guess, but I was always curious if he was storing URLs. I don't know how many people were actually using Epik VPN but if he was storing their URLs he would be in some serious hot water.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
What conversations?

You want to see which data is being exchanged (the content of websites, email conversations, chats, calls, etc). Since you mentioned "URLs", I wanted to clarify what parties that store encrypted network traffic are really looking for. Sometimes it can be metadata, sometimes it's more than that.
 

Derek Peterson

Restricted (15-30%)
Impact
217
You want to see which data is being exchanged (the content of websites, email conversations, chats, calls, etc). Since you mentioned "URLs", I wanted to clarify what parties that store encrypted network traffic are really looking for. Sometimes it can be metadata, sometimes it's more.

Hmm, I thought stored URLs was worst case scenario. There is money in data and Monster loves money. I really hope someone digs into this. Gab did the same with their dumb browser, a Brave fork, which recorded and sent every URL to some black box in the code. Brave called them out for that.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
Hmm, I thought stored URLs was worst case scenario. There is money in data and Monster loves money. I really hope someone digs into this. Gab did the same with their dumb browser, a Brave fork, which recorded and sent every URL to some black box in the code. Brave called them out for that.

My answers are based on security risks. Your approach seems to be more about commercializing user data. That is something else. Possibly. No idea. I have no reason to believe that happened.
 

Derek Peterson

Restricted (15-30%)
Impact
217
My answers are based on security risks. Your approach seems to be more about commercializing user data. That is something else. Possibly. No idea. I have no reason to believe that happened.

Mine is also security risk, but all things are possible. But also, in many cases, like Gab's case, owners are forced to add such things to keep out of jail.
 

Jona4s

Established Member
Impact
136
If you want to remove this message it's fine, but it's all blanked out so nothing sensitive.

Just to give an idea what's out there being scraped on onion sites.

yxEoPWw.png


Another thing I've read is that a considerable percentage of the leaked clients' IPs responded to a scan with some open ports. That's one step away from a script with shellcode and an rsync of all their disk data.

I'm not saying users' disks are also on onion, but some IPs were tested and found vulnerable to remote exploitation.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
but some IPs were tested

Are these Epik IPs associated with Russia as well?

Slightly related but relevant because of the "shitty Russian code" RM mentioned in the video meeting:

Russia excluded from 30-country meeting to fight ransomware and cyber crime
"WASHINGTON, Oct 13 (Reuters) - Russia was not invited to attend a 30-country virtual meeting led by the United States that is aimed at combating the growing threat of ransomware and other cyber crime, a senior administration official said. Many ransomware gangs operate from Ukraine and Russia, private sector cybersecurity experts say. Some U.S. officials and analysts have said Russian ransomware gangs operate with the Kremlin's tacit approval, but are not directly controlled by the government."
https://www.reuters.com/world/russi...eting-fight-ransomware-cyber-crime-2021-10-13
 
Impact
2,505
These actors won't do that for just any single home user using a VPN, but a commercial party offering these services at large to a certain segment of interesting clients may be in their sights.
This video clip from the Day Of The Jackal sums up the difference between the approach of state level actors and that of hacktivists:

Regards...jmcc
 

Derek Peterson

Restricted (15-30%)
Impact
217
Considering that all of Epik's code is public and the epic amount of holes in the code, isn't Epik in a constant state of hack? And if so, how can they, in good faith, be taking people's credit cards, transferring domains or anything?

I bet Monster is afraid to announce that Epik is now fully secure because the hackers will post some funny image on Epik's homepage within hours.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
I bet Monster is afraid to announce that Epik is now fully secure because the hackers will post some funny image on Epik's homepage within hours.

This is what has been communicated by Epik in the overview of 'actions taken' by the company:

"Shut down all outside access endpoints into Epik’s systems;"

There are now several ways to interpret this further. Let's hope^wpray for the best.
 

Derek Peterson

Restricted (15-30%)
Impact
217
Interesting. When was this approximately?

2019'ish. I've heard he has done the same with many alt-right companies. His dream is to take over Gab. Always has been. He may have started investing earlier this year and last when Gab was down to about $20K in the bank and burning about $40K/month.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
8,894
2019'ish. I've heard he has done the same with many alt-right companies. His dream is to take over Gab. Always has been. He may have started investing earlier this year and last when Gab was down to about $20K in the bank and burning about $40K/month.

I'm unable to check, but since you've provided supporting evidence on other matters here on several occasions, I'm inclined to believe this. This looks like very active acquisition. Relevant because I consider it the motive for the current data leaks by the ladies.
 

ArchCityAnon2

New Member
Impact
16
2019'ish. I've heard he has done the same with many alt-right companies. His dream is to take over Gab. Always has been. He may have started investing earlier this year and last when Gab was down to about $20K in the take and burning about $40K/month.

Before he takes over Gab he may want to check out your video naming Gab as a pedo site. That would be a bad business move if you're correct
 

Derek Peterson

Restricted (15-30%)
Impact
217
Before he takes over Gab he may want to check out your video naming Gab as a pedo site. That would be a bad business move if you're correct

I told Monster of Gab's pedo problems within weeks of him taking their domain to Epik (see attachment). He called me a liar and threatened me and tried to make me take down my videos exposing Gab.

The hosting company Epik purchased, where Gab was hosting at that time, was 3 literal teens running a couple servers on leased racks that hosted lolicon and pedo porn doing about $2.500/month in revenues.

Epik currently HOSTS tons of pedo sites.
 

Attachments

  • first email to the monster.png