NameSilo

alert Epik Had A Major Breach

Spaceship Spaceship
Watch

Silentptnr

Domains88.comTop Member
Impact
47,339
Last edited:
33
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
https://gizmodo.com/kiwi-farm-cloudfare-vanwatech-8kun-1849505214
The site transferred to a China-based hosting service but it’s now found a new domain on EPIK. Even though Kiwi Farms should be back online, the site is repeatedly going down. Using the site Isitdownrightnow shows that the domain is down and has been for nearly two hours, as of the time of reporting. Some users suggested the entire hosting network is being hit by a DDoS attack, which kinda does point to the difficulties that anybody hosting such a controversial network might find themselves under.
VanwaTech’s CEO Nick Lim told OPB that they were indeed doing hosting duties but reportedly declined to talk more about what kind of deal he struck between his hosting company and the internet cesspit that is Kiwi Farms. Joshua Moon, a former admin on 8chan, complained in a long Telegram screed “Journalists canonize the crimes as the behavior of the forum itself, which becomes the effective truth for the general public.”

Of course, shacking up with a hosting service renowned for supporting neo-Nazis and other recognized online hate group-laden forums does seem to put one in line with the rest of the worst parts of the internet. Lim himself has been cited in reports from the likes of Bloomberg for essentially being the back end tech support for white nationalists and the QAnon conspiracy.
 
2
•••
The Kiwi Farms issue is a separate one than the Epik Breach that occurred, so it shouldn't it be separated out into another thread?
just pray a little
the lord will help
that's for sure
 
0
•••
How do we use this list to block these IP addresses. (my first attempt to try this)?

You'll need to blacklist IPs from connecting to the SMTP server.

For cPanel users, go to Email Filters:
1. Click on Create a New Filter & Name the filter (whatever, e.g. BLOCKIP)
2. Under the RULES change the FROM to ANY HEADER & change the EQUALS to CONTAINS.
3. In the field below type in IP or range
For WHM users, go to Service Configuration > EXIM Manager
For Gmail, you will need a third-party service such as BlockSender .io
For Windows server, check the SMTP service properties (blocked IP management)
etc
 
6
•••
I found the instructions with a simple Google Search. It's on a test run at the moment. I haven't yet figured out the GMAIL part yet. Thank you @Lox
 
5
•••
@Derek Peterson maybe the hack cost epik more than we thought since they are defaulting payments to sellers for sales made
Someone posted in one of the 275 epik threads here @Kirtaner got raided by feds and it had to do with epik. I dont remember what thread. Can someone find that twitter screenshot i think it was?
 
2
•••
4
•••
@Derek Peterson maybe the hack cost epik more than we thought since they are defaulting payments to sellers for sales made
Someone posted in one of the 275 epik threads here @Kirtaner got raided by feds and it had to do with epik. I dont remember what thread. Can someone find that twitter screenshot i think it was?

Interesting. I'm going to go and look into the Kirtaner info. We are continuing to update our article that kind of documents the whole sequence of events so as more info is revealed we will continue to update.

Yeah, maybe his "investors" pulled out of the deal after hackers and all of us revealed that epik was all smoke and mirrors and Rob is not an honest person. I just did a search for his name on twitter and tons of people complaining about epik service and payouts. I bet that new CEO is like, what did I do...lol.

https://providencepost.com/a-monster-of-epik-proportions/
 
Last edited:
28
•••
The article doesn't seem very credible. It says Epik hosts 700k domains but only has $1m/year revenue? I'd think the average cost is $10 so that'd be $7m at least not counting all of the other services available and commissions from auction sales.
Domains have super low margins and in Epik's case they were mostly a lost leader to resell other, affiliate programs. Everything at epik was a white label.
 
19
•••
So their profit should be lower but the author might not know the difference between revenue and profit. If Epik takes in $10 for a renewal and sends away $8 then that's $10 in revenue, $8 in Costs of Goods Sold and leaves $2 as either profit or waiting for more expenditures.

I don't believe that is the way it works. The registries don't let you collect all and then send them their cut, its the other way around. In any case you seem to be missing the point, which is, Epik is not worth $64,000,000. It's probably not even worth $500K.
 
7
•••
Interesting. I'm going to go and look into the Kirtaner info. We are continuing to update our article that kind of documents the whole sequence of events so as more info is revealed we will continue to update.

Yeah, maybe his "investors" pulled out of the deal after hackers and all of us revealed that epik was all smoke and mirrors and Rob is not an honest person. I just did a search for his name on twitter and tons of people complaining about epik service and payouts. I bet that new CEO is like, what did I do...lol.

https://providencepost.com/a-monster-of-epik-proportions/

@MasterOfMyDomains Looks like Kirtaner was indeed raided for computer hacking but not sure for what specifically. Time frame is from jan 2021 til present.


Also, seems like congress want to talk to him and se how else was involved in hacks. Would not surprise me at all if monster is mixed up in this stuff. https://www.dailydot.com/debug/house-republicans-doj-letter-anonymous-hacks-givesend-go/
 
16
•••
I don't believe that is the way it works. The registries don't let you collect all and then send them their cut, its the other way around. In any case you seem to be missing the point, which is, Epik is not worth $64,000,000. It's probably not even worth $500K.
How is that now how it works? I paid with my mastercard to Epik and then Epik registers the domain and pays. Whomever processes Epik's credit card transactions then dumps their payments less transaction fees into their bank account most likely on a daily basis.
 
0
•••
How is that now how it works? I paid with my mastercard to Epik and then Epik registers the domain and pays. Whomever processes Epik's credit card transactions then dumps their payments less transaction fees into their bank account most likely on a daily basis.
As far as I'm aware, it's not how it works. Epik (or any Registrar) has to deposit funds with Verisign and have their account in credit before they can sell anything. If their pre-funding with the Registry is exhausted, the domain won't be registered. So there is a bit of a barrier to entry for new registrars as they need to have good old cash available for this.
 
0
•••
This thread barely had time to cool off but time to fire it up again.
#epikfail hack Part Four.

Ugh, here we go again, Epik hacked again, again. 10+ years of ALL of Epik’s data, everything, emails, IPs of origin VPN accounts, all keys, etc etc, Oh, AND allegedly all Kiwi Farms data.
1666229822193.png
1666229798110.png
 
2
•••
This thread barely had time to cool off but time to fire it up again.
#epikfail hack Part Four.

Ugh, here we go again, Epik hacked again, again. 10+ years of ALL of Epik’s data, everything, emails, IPs of origin VPN accounts, all keys, etc etc, Oh, AND allegedly all Kiwi Farms data. Show attachment 225473Show attachment 225472
What do you mean, they got hacked again in 2022? I see your screenshots are from last year. What is the source?
 
4
•••
0
•••
Attacking Epik for its political or religious preferences is not fair (and maybe this would even help them). But they can be critisized/attacked for their mistakes/ bad choices (/bad intentions, if any) in their business. (this is what I did, so did most of others).. Epik may not have been hacked, and instead an insider might have released their data after some event (such as being fired), do we know this is not the case. Is Epik on Q side, I don't know, but if so , this would be a good thing. The guy who claims to have hacked Epik has strange behavior and satanic looking avatar. IMO, the main remaining problem at Epik is masterbucks payout (delay/failure). If our domains not stolen because of leak, then, maybe the next possible high risk would be using them in UDRP arguments, it would be illegal use, but maybe , who cares.
 
Last edited:
3
•••
What do you mean, they got hacked again in 2022? I see your screenshots are from last year. What is the source?
It looks like it's just another release of data from the same hack. Probably stirred up by the bad press Epik is getting due the to masterbucks debacle.
 
3
•••
It looks like it's just another release of data from the same hack. Probably stirred up by the bad press Epik is getting due the to masterbucks debacle.
I think it is more likely related to kiwifarms vs the Ts drama but probably they have always, never stopped, having full access to epik.
 
2
•••
Some 2021 Newspaper clippings::
1687752203226.png

...

1687752287916.png
 
Last edited:
9
•••
3
•••
Epik Holdings Inc's Cybermarks website is no longer operational.

Here's an archived version:

https://web.archive.org/web/20230330043121/https://cybermarks.com/

Quoting Rob Monster:

"We also have started a company that you might have come across called Cybermarks, and it is a cybersecurity boutique. You might say “wow guys, you guys are such clowns, why would you start a cybersecurity company?” Well, yeah. So the idea is… what can we do? So we hired a bunch of South Africans, like an elite team of cybersecurity people. They only were at it for a couple of months in terms of setting up their operation. They were working for a high-level firm. And they’re Kingdom guys, so they work for the Kingdom. They’re Christians. And the company that was employing them wanted to do some stuff that they didn’t feel comfortable with, and so they quit as a cohort, four of them, actually eight of them, but four elite cybersecurity guys, and we hired them. So that was about a month and a half ago. So Cybermarks.com is a division that’s being incubated by Epik. But I think we’re gonna hire quite a few heavy-duty cybersecurity guys, so if you’re on the side of good, you want to basically turn from the dark side or whatever. If you’re white hat and you want to be a force for good, Cybermarks would be a fantastic organization to be a part of I would say. We’re a pretty cool company, guys. I know that we look like clowns to some of you when you look at the cover, but check out epik.com/labs."

Source: https://blog.mollywhite.net/monster-qa/
 
3
•••
Epik Holdings Inc's Cybermarks website is no longer operational.

Here's an archived version:

https://web.archive.org/web/20230330043121/https://cybermarks.com/

Quoting Rob Monster:

"We also have started a company that you might have come across called Cybermarks, and it is a cybersecurity boutique. You might say “wow guys, you guys are such clowns, why would you start a cybersecurity company?” Well, yeah. So the idea is… what can we do? So we hired a bunch of South Africans, like an elite team of cybersecurity people. They only were at it for a couple of months in terms of setting up their operation. They were working for a high-level firm. And they’re Kingdom guys, so they work for the Kingdom. They’re Christians. And the company that was employing them wanted to do some stuff that they didn’t feel comfortable with, and so they quit as a cohort, four of them, actually eight of them, but four elite cybersecurity guys, and we hired them. So that was about a month and a half ago. So Cybermarks.com is a division that’s being incubated by Epik. But I think we’re gonna hire quite a few heavy-duty cybersecurity guys, so if you’re on the side of good, you want to basically turn from the dark side or whatever. If you’re white hat and you want to be a force for good, Cybermarks would be a fantastic organization to be a part of I would say. We’re a pretty cool company, guys. I know that we look like clowns to some of you when you look at the cover, but check out epik.com/labs."

Source: https://blog.mollywhite.net/monster-qa/

Lol, yeah that was fun. Huge facepalm. Can't make this shit up.

Nice domain tbh, waiting for it to drop :)
 
2
•••
 
Last edited:
0
•••
Epik Holdings Inc's Cybermarks website is no longer operational.

Here's an archived version:

https://web.archive.org/web/20230330043121/https://cybermarks.com/

Quoting Rob Monster:

"We also have started a company that you might have come across called Cybermarks, and it is a cybersecurity boutique. You might say “wow guys, you guys are such clowns, why would you start a cybersecurity company?” Well, yeah. So the idea is… what can we do? So we hired a bunch of South Africans, like an elite team of cybersecurity people. They only were at it for a couple of months in terms of setting up their operation. They were working for a high-level firm. And they’re Kingdom guys, so they work for the Kingdom. They’re Christians. And the company that was employing them wanted to do some stuff that they didn’t feel comfortable with, and so they quit as a cohort, four of them, actually eight of them, but four elite cybersecurity guys, and we hired them. So that was about a month and a half ago. So Cybermarks.com is a division that’s being incubated by Epik. But I think we’re gonna hire quite a few heavy-duty cybersecurity guys, so if you’re on the side of good, you want to basically turn from the dark side or whatever. If you’re white hat and you want to be a force for good, Cybermarks would be a fantastic organization to be a part of I would say. We’re a pretty cool company, guys. I know that we look like clowns to some of you when you look at the cover, but check out epik.com/labs."

Source: https://blog.mollywhite.net/monster-qa/
I can confirm, Cybermarks was a company based in South Africa that primarily focused on recovering stolen crypto. That was about the same time that the former DNProtect was focused on recovering stolen domain names.
 
3
•••
I can confirm, Cybermarks was a company based in South Africa that primarily focused on recovering stolen crypto. That was about the same time that the former DNProtect was focused on recovering stolen domain names.
You know, it's funny when you think about what the company under Rob's leadership has accomplished in exactly these areas over the last period.

By the way, do you know where all the Epik ambassadors have gone?
 
0
•••

Popular this month

  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back