alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Jurgen Wolf]

In other words, change your lifestyle and be happy.

 

[gabri3l]

Je suis Epik

 

[MysticHero]

I think we should stand with Rob in this tough time. This is not his fault at all. Everyone has the right to freedom of speech and express his beliefs. Domaining won't be fun without Epik. I mean who else offers $0.99 ".CO" deals for bulkers with great tools?

Regarding the data leak, I think people should not really worry about it unless it's their passwords or card info (which is not there) considering too many data breaches got public recently and they probably already contain your emails. It's no surprise anymore and no one would have time to look up your personal details out of millions of domains and misuse them unless you're popular like Rob. The worst you can expect is a few spam emails that you're already receiving.

The only problematic thing is Rob's last name which is opposite of his religious beliefs.

 

[robs01]

Wikipedia is having wet dreams on it —This company has the worst bias against em

Very observant Samer!

I too have noticed that when googling various registrars, all the others give me that particular registrar as the first search hit yet googling Epik gives me the obviously tainted Wikipedia entry first and then Epik second. So no obvious manipulation and bias there!! (sarc) Now who would have the power to manipulate search results, and why? The media reports of Epik also contain obvious bias.

A headless chicken can see that some very powerful people have a vendetta against Rob and Epik. Sadly some humans cannot, and the rest are part of the AI or troll army to hammer him. The army of fearmongerers pushing people away from Epik is also apparent.

This alleged hack, whether real or not, is also an obvious psyop against Epik. How many hackers make up catchy slogans like "Operation Epik Fail"? I didn't know hackers had such clever marketing skills, nor that they fight against those people who advocate/protect free speech, the very thing they themselves claim to protect!

People might also want to research Operation Talpiot and Sandy Bridge and then realize that every computer is designed to be hacked into, and built right into both hardware and software. Every computer is easily accessible. But when there is an agenda to achieve specific people are always targeted.

I won't be moving any domains from Epik.

 

[Beezy]

The wikipedia entry isn't tainted. Your posts are.

 

[has2hands]

LINK: https://onlinedomain.com/2021/09/16/domain-name-news/epik-was-hacked/

This was the content of the website epikfail.win: (I have only removed the link to the torrent with all the hacked data and a password.)

*****************************************************************************************
________ __ .__
\_____ \ ______ ____ _______ _____ _/ |_ |__| ____ ____
/ | \ \____ \ _/ __ \ \_ __ \\__ \ \ __\| | / _ \ / \
/ | \| |_> >\ ___/ | | \/ / __ \_ | | | |( <_> )| | \
\_______ /| __/ \___ > |__| (____ / |__| |__| \____/ |___| /
\/ |__| \/ \/ \/
________ _______ _____ ___ ____ ________ _ _____ _____
|_ __ | |_ __ \ |_ _| |_ ||_ _| |_ __ | / \ |_ _| |_ _|
| |_ \_| | |__) | | | | |_/ / | |_ \_| / _ \ | | | |
| _| _ | ___/ | | | __'. | _| / ___ \ | | | | _
_| |__/ | _| |_ _| |_ _| | \ \_ _| |_ _/ / \ \_ _| |_ _| |__/ |
|________| |_____| |_____| |____||____| |_____| |____| |____| |_____| |________|

*****************************************************************************************

OFFICIAL ANONYMOUS (not to be confused with 'Anonymous Official' grifters) PRESS RELEASE
SEPTEMBER 13, 2021
NOTORIOUS "HACKERS ON ESTRADIOL" PRESENT GRAND REVEAL
OF ROB "HITLER SHOULD'VE WON" MONSTER'S EPIK FAILURE

You know, when you name a company "Epik",
that implies something really big's going to happen.
Deserving of the name.
Well, after years of bolstering the worst trash the Internet has to offer,
this is, truly, the Epik moment we've all been waiting for.

Contained within this release, the following delicious morsels
that will surely be digested for months to come:

A decade's worth of data from the company. That's right, everybody.

Time to find out who in your family secretly ran an Ivermectin horse porn fetish site,
disinfo publishing outfit, or yet another QAnon hellhole.

Want to know when a nation-state decided to offer hosting to some domestic terror groups,
without those pesky DDoS mitigating reverse proxies getting in your way?
Want to know the identity of the owner of a domain or large set of domains
used in yet another influence/information operation?
Decloak origin IPs of nazi websites for further investigation, poking, prodding!
Map out a decade of online fash with a level of clarity nobody has been able to UNTIL NOW!

WHAT YOU GET FOR THE LOW LOW PRICE OF $0.00

* All domain purchases
* All domain transfers in/out
* All whois history, unredacted
* All DNS changes
* All email forwards, catch-alls, etc
* Payment history (no credit card data, don't get excited, FBI, we're not in that game)
* Account credentials for:
all Epik customers, hosting, Anonymize VPN, and so on
Epik internal systems, servers
Epik's GoDaddy logins
...and more! IN PLAINTEXT! That's right, Epik barely hashed a damn thing!
When we saw hashes, they were merely unsalted MD5
Here's one such sample that made us upset for daring to use "anon":
Rob Monster ****@epik.com ******** ************ (cracked: willem)
Yep, these Russian developers they hired are actually just that bad.
They probably enjoyed snooping through all of your shit just as much as we did.
* Over 500,000 private keys. What are they for? Who knows!
* We think we spotted a bunch of Anonymize OpenVPN profiles in this,
but we were too disgusted with the above to continue digging.
* A dump of an employee's mailbox, just because we could.
* Git repositories for whatever internal applications!
* SSH keys!
* /home/ and /root/ directories of one of their core systems!

This dataset is all that's needed to trace actual ownership and management of the fascist side
of the Internet that has eluded researchers, activists, and, well, just about everybody.
And maybe have a little extra fun. For the lulz.

Is it possible to own a company as hard as this? We sure love to see it.
Good luck with the rebrand, Robby boy. Herd u liek mudkipz.

Monero tips for the inevitable legal bills, for
when the FBI kicks down OVER 9000 doors after this utterly
embarrasses everyone and outs one or more of their
poorly thought out stochastic terrorism plots
(GOOD LUCK WE'RE BEHIND SEVEN PROXIES)

49fTMEjqSZW5qKrJLwKjJZ2MHVYCbvsPo1ikwtxQTW66V3VTijgtJdFCukcKvvCnX7GYMqfgEVBGeQ4XJ1b6b45SQcfRCaq

Support your starving hacktivists, and they will bless you in turn.

So long, for now! Support #OperationJane and mess with Texas today!
Abortion is a human right!

Download OperationEpikFail.torrent

There's no use in denial, Rob Monster.

We are Anonymous
We are Legion
We do not Forgive
We do not Forget
___________
< EXPECT US >
-----------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||

The Internet Hate Machine hates fascists.

Signed,

) ) ) ) * ) (
( ( /( ( /( ( /( ( /( ( ` ( /( )\ )
)\ )\()) )\()) )\()) )\()) )\))( )\()) ( (()/(
((((_)( ((_)\ ((_)\ ((_)\ ((_)\ ((_)()\ ((_)\ )\ /(_))
)\ _ )\ _((_) ((_) _((_) __ ((_) (_()((_) ((_) _ ((_) (_))
(_)_\(_) | \| | / _ \ | \| | \ \ / / | \/ | / _ \ | | | | / __|
/ _ \ | .` | | (_) | | .` | \ V / | |\/| | | (_) | | |_| | \__ \
/_/ \_\ |_|\_| \___/ |_|\_| |_| |_| |_| \___/ \___/ |___/

 

[Truespin Domains]

Urghh, I'm so torn on Epik.

On one hand I find most of Rob's personal beliefs pretty grim. On the other hand I think Epik has been one of the few innovative players in domaining and my limited use of their platform has been positive.

Whilst I hugely disagree with Rob on most things, I am with him on his desire to protect free speech.

But sending me a vague email about my data possibly being lost, and telling me that you're praying hard for me did not overwhelm me with confidence.

 

[Altetra]

People might also want to research Operation Talpiot and Sandy Bridge and then realize that every computer is designed to be hacked into, and built right into both hardware and software. Every computer is easily accessible. But when there is an agenda to achieve specific people are always targeted.

I was thinking of such recently without reading anyones info but did not wanted to post because most already think I m crazy.
We the end users have the illusion of security which was created for us, but there are intentional direct access back doors which are created for them, those who rule Echelon project.
Here is something that I experience from when I have begin domaining, every time I don't hand register some specific domains I take a screenshot as evidence for later, the next day I decide to go and hand reg those domains and I see that some of them are already registered with some old reg date, then I go to chk my screenshots and surprise the screenshot is nowhere to be found, I trust my memory and I know I m right.
The domains were hand registered at different registrars but the most frequent was Godaddy you know the DN beast of internet.

 

[Jurgen Wolf]

Don't mix business and emotions.
This way is wrong 100%.

 

[Windoms]

Problem: I have a bid on my nameliquidate domain but you have to enter payment info to receive money.

1/ be stubborn / support epik / play russian roulette for $10

2/ follow that little voice in the back of my head

 

[CraigD]

Many of us are simply foreign clients who have no stake in US politics or issues.

If your domains are benign as I suspect most are, and you're not politically active, I doubt you have too much to worry about.

Change your password.
Lock your domains down.
Double check your credit card statements.

This thread is likely being monitored for reactions, with usernames being matched to the data released.

Just saying.

 

[Jurgen Wolf]

Now I understand: why 20 months were lost for me on their landers.
These hackers are just last bullet in the very long story of Epik's hype and reputation in mass media (read: in enduser eyes).

 

[Abdillahi Abdillahi]

Just logged in no problem. I have had 2 factor on all along though.

Yeah me too 2 FA from the start but somehow, it refused my password and username. Then I had to reset and was able to login in.

 

[Rinapo]

Hacktivist group Anonymous has successfully breached and leaked the database of Epik, a controversial web hosting provider and domain registrar that has given shelter to many right-wing websites over the past few years, such as Gab, Parler, and The Donald.

The hack, which based on timestamps in the leaked data took place on February 28, was announced on Monday via a dedicated website [archived] and posts on internet forum 4chan.

“A decade’s worth of data from the company. That’s right, everybody,” the group touted on Monday on their site....

https://therecord.media/anonymous-hacks-and-leaks-data-from-domain-registrar-epik/

 

[karamakate]

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc

Praying? Blessings? God?!

SERIOUSLY ???!!!

If you have also protected your servers with holy water, the reason why you have been hacked is obvious.

 

[Peak.Domains]

It's good to see that you're finally admitting that Epik was very likely attacked for their politics. Beyond that, I have no idea what point you think you're attempting to make, nor do I care. My one and only position this entire time, was that they were attacked because of their ideology. You're welcome to scroll up if you're still confused.

Let's scroll up together!

You cited the words of the hacker, I asked if you believed everything else they said. Maybe I'm old-school, but I still believe that asking someone a question is a great way to learn something, even on days like today when that belief is tested, it's better to ask a question than to make an assumption. I would have thought that you'd appreciate that.

With peace and love, I didn't think my question would upset you to a point that you'd accuse me of creating a strawman, when that's literally what you went on to do. I won't pester you any further with the bare minimum of conversation, who would expect such a thing on a forum.

 

[bmugford]

I think we should stand with Rob in this tough time. This is not his fault at all. Everyone has the right to freedom of speech and express his beliefs. Domaining won't be fun without Epik. I mean who else offers $0.99 ".CO" deals for bulkers with great tools?

Regarding the data leak, I think people should not really worry about it unless it's their passwords or card info (which is not there) considering too many data breaches got public recently and they probably already contain your emails. It's no surprise anymore and no one would have time to look up your personal details out of millions of domains and misuse them unless you're popular like Rob. The worst you can expect is a few spam emails that you're already receiving.

The only problematic thing is Rob's last name which is opposite of his religious beliefs.

This is not a political thing. I would want my data to be protected.
There is no reason to inject politics, religion, etc.

A company is supposed to be a good steward of their customer's information.

In fairness, if some of the hack stuff is true then there are likely some serious security issues that need to be addressed.

Brad

 

[Beezy]

Please read.

https://www.dailydot.com/debug/epik-hack-far-right-sites-anonymous/

‘Worst I’ve seen in 20 years’: How the Epik hack reveals every secret the far-right tried to hide
'They are fully compromised end-to-end.'

 

[internext]

The hack, which based on timestamps in the leaked data took place on February 28, was announced on Monday

February 28

 

[Beezy]

There are current credit card numbers stored in plain text.