
Future Sensors

78% of human domainers will be replaced by robots
The lack of explanation and meaningful guidance has gone on for a long time now. For concerned Epik customers who want to better educate themselves about, and arm themselves against, potential attack vectors, I've been sorting out a few resources over the past few days. You can find them in the Technology section of NamePros.

https://www.namepros.com/forums/technology.249/
 

DN Playbook

Established Member
The lack of explanation and meaningful guidance has gone on for a long time now. For concerned Epik customers who want to better educate themselves about, and arm themselves against, potential attack vectors, I've been sorting out a few resources over the past few days. You can find them in the Technology section of NamePros.

https://www.namepros.com/forums/technology.249/

Very impressive. Lots of research. Great job.
 

Future Sensors

78% of human domainers will be replaced by robots
CNN just reached out to me regarding an in-depth investigation into Rob Monster.

It's nowhere near over yet.

You may want to contact @Derek Peterson

He is also currently in contact with CNN, he said earlier in this thread.
 

Windoms

Top Contributor
Wow CNN is reading our forum.

 
More mentions of OverOptic Systems in this article last month:

https://bylinetimes.com/2021/09/08/texa-anti-abortion-bounty-hunting-website-now-hosted-in-the-uk/

Website registration records indicate the IP now associated with the URL Prolifewhistleblower.com is associated with UK-based Overoptic Systems LTD, which also does business by the name HQHost. Overoptic Systems only has one listed corporate director and their address is in Crimea. At the time of publication, Overoptic Systems had not returned a request for comment.

Records also indicate these IP addresses are linked to a New Jersey-based company called NatCoWeb Corp. They also show that NatCoWeb hosts extremist content, including a forum for the 3 Percenter right-wing extremist group and two websites for the Alliance Defending Freedom, a Christian nonprofit labelled by the Southern Poverty Law Center as a hate group. Little can be found about NatCoWeb Corp online. It doesn’t list corporate officers and doesn’t appear in New Jersey state corporate registration lookups. At the time of publication, NatCoWeb had not returned a request for comment.

Whois records of the IP address associated with Prolifewhistleblower.com also show Anonymize Inc. as the privacy administrator. NatCoWeb Corp and Anonymize Inc. appear to have a number of links. The bulk of the IPs on the NatCoWeb Corp server list Anonymize Inc as their privacy administrator. Anonymize is a wholly-owned subsidiary of Epik.
 
A certified network engineer who analyzed these web records for the Byline Times believes that, despite the seeming switch in IP records, Epik could still be providing IP hosting in some regard.
 

Molly White

Established Member
Steven Monacelli pressed Monster on it during the Q&A, but Monster dodged:

Monacelli, YT0:53:44: I asked you for clarification. If you can provide me with the exact understanding of why all of these things are pointing to Overoptic Systems, NatCoWeb Corp, and Tinhat, I don’t understand these connections and that’s why I called you. But since you were unwilling to provide me any clarity regarding those connections, I reported on what is publicly available information.

Monster, YT0:54:08: Yeah, I mean the problem is that so much of the content that is out there, like Huffington Post and like, a whole list. Like you go look to the Wikipedia page… I mean, do you guys get how subverted Wikipedia is? You realize how much of a globalist tool that thing has become? You get that? Is that, like, lost on people?

Monacelli, YT0:54:28: So I’m not talking about Wikipedia. I’m talking about the web domain registration that I was able to link, and I explained to you over the phone…

Monster: Steve. Steve. I’m gonna get that page taken down, alright? Alright?
 
OVEROPTIC SYSTEMS LTD was incorporated on 14 March 2013 in the U.K. and the only public information available is the name of one appointed director, his address and nationality. He's a Ukrainian citizen from Crimea.

Sometimes it is hard to tell the difference between nefarious and a useful idiot.

You can see how many shady connections have already been made. This tangled web will continue to be unraveled.

Brad
 

Windoms

Top Contributor
By the way.
0 domains were lost, but I'm sure they could have stolen some, if they wanted to.

For example, all credentials were obtained.
Some use the same password everywhere.
Had hackers wanted, they would have searched using automated tools, stolen emails, then all domains linked to those emails.
Silently, before leaking the data.
They simply didn't choose to.

Even without credentials, I'm sure they could have done much more damage, had they intended to.

Either they didn't want to hurt us / didn't want to touch people's property and have the FBI go after them in a meaner way, or they didn't want to appear as bad guys.

Either way we're lucky (I guess).
 


Future Sensors

78% of human domainers will be replaced by robots
So if we can't get news from CNN or from Rob Monster, where can we get the latest on the Epik hack fallout? NP seems like a pretty good source.

Well, Twitter has always been the main source where things around the Epik data breach get published, announced, and analyzed, but it is spread over many accounts. It is not immediately easy for the layman to estimate which sources are reliable. Some new Twitter accounts that publish about the data breach are just one month old and have valuable information. On the dark web, Epik is discussed as well.

The established leaders (influencers) in the infosec community with a large reach are also starting to delve into this, mainly because this case is fairly unique and high-profile, with cybersec, APT and politics involved. They have previously been analyzing C2 infrastructures and now see puzzle pieces coming together. Epik seems to play a central role in this ecosystem. Data from the Epik leaks is combined with other investigative sources like data from ICIJ, in order to map the relations (including financial) between Epik and other domestic and foreign parties.

On this forum, we just see more structure and additional insights that may help Epik customers and other stakeholders to further understand what seems to be going on at the company, and how they can protect themselves now they are vulnerable.

Some people in this thread have already mentioned that they are in contact with CNN. It looks like CNN Cyber Security Reporter Sean Lyngaas (snlyngaas) is now delving into this. Other journalists, from left to right, have also published about the data breach, but the enormous amount of data has to be interpreted carefully before final conclusions can be drawn.
 

DN Playbook

Established Member
It is not immediately easy for the layman to estimate which sources are reliable.

On this forum, we just see more structure and additional insights that may help Epik customers and other stakeholders to further understand what seems to be going on at the company, and how they can protect themselves now they are vulnerable.

Some people in this thread have already mentioned that they are in contact with CNN. It looks like CNN Cyber Security Reporter Sean Lyngaas (snlyngaas) is now delving into this.

It is certainly beneficial for the layman customer to have people like yourself, @Molly White, @Kirtaner, @bmugford, @johnjhacking, and others who are following the news and have reporting skills and other insights post their findings here. NP is like an aggregate of the news on this topic. Hopefully we can keep going until it is resolved.
 

Future Sensors

78% of human domainers will be replaced by robots
It is certainly beneficial for the layman customer to have people like yourself, @Molly White, @Kirtaner, @bmugford, @johnjhacking, and others who are following the news and have reporting skills and other insights post their findings here. NP is like an aggregate of the news on this topic. Hopefully we can keep going until it is resolved.

Thank you. I agree that people from a lot of different disciplines are now present in this thread, and that's truly rather unique, and very useful.
 

You couldn't make this stuff up. It's almost the making of a film. Ah someone already did it, called it Swiss Miss...



https://www.imdb.com/title/tt0030824/

Or a soap opera. Did anyone notice that epik.tv sold in May this year for $360?

And on the latest DNJ: DaaZ.com sold epik.in ($2,250) https://www.dnjournal.com/domainsales.htm
Nice for hacks like epik.in/trouble or epik.in/politics.

Earlier epik domain sales:

epik.org 9,644 USD 2014-03-31 Sedo

epik.com 6,944 USD 2007-06-05 Private

https://namebio.com/?s==cDM3YTN2QzM

What value would you give to epik.com now?


Epik.shop is a premium, but in many extensions epik is free and cheap to register, such as .me and .io
 

Future Sensors

78% of human domainers will be replaced by robots
Epikfail.com is going for 2500

Although I have to admit that the information provided by Epik is lacking, these kinds of domain names seem to me to have little value. The following domain has a Creation Date of 2021-09-14T17:44:19Z.

upload_2021-10-29_17-26-14.png
 