alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Jurgen Wolf]

When enough real people visit a website, it has the same effect as a DDoS attack. If a lot of people are trying to log in right now, it will be indiscernible from the users' perspective: the site will slow down and fail to function properly. That's not an attack; that's just a side effect of everyone panicking.

Were troubles...
Yesterday were even periods of up to 20 minutes, when Federated Identity login page didn't load at all.

And I noticed these troubles even BEFORE this thread was started...

^

 

[Paul]

^

It was on Hacker News yesterday, and probably on 4chan before that. Of course, it's possible there's also an ongoing DDoS attack, but it makes little practical difference.

 

[.X.]

I have read they hacked it over the new Texas Abortion law .. as well as some of the domain sites that were allowed in .. or ALT Right people that use the hosting services or some shit like that … at any rate .. in the article I read it said they are going to release the data and whatever ..

I don’t care about name .. address .. phone number or any of that stuff getting out .. I would give all that out and not even care ..

So it’s all about financial info IMO .. credit .. debit card and ect .. I have been through a couple of data breach situations .. one of them I just waited to see if my CC would be used .. it was .. for two identical $500 purchases .. I got with the FBI after going through the fraud protocol with CC company .. the FBI located the person that made the charges on mine as well as others CC ..it was dark web shit and ended up resulting in 18 federal arrests

 

[Jurgen Wolf]

So their BitMitigate is not ready even for Hacker News readers???
Sorry, but I can't comment anymore these theories.

 

[Paul]

Sorry, but I can't comment anymore these theories.

I would hope that their login form is having trouble because they're using something more secure than MD5 for that system. Without getting too technical, the more secure your password storage solution, the more susceptible it is to being overloaded.

 

[Jurgen Wolf]

Were total slowness and troubles there... with any changes for domains.
Not just login form.

BEFORE this thread.

 

[Paul]

Were total slowness and troubles there... with any changes for domains.
Not just login from.

BEFORE this thread.

Yes, you've mentioned that once or twice. Unfortunately, without additional information, that's not particularly useful in assessing what happened.

 

[Jurgen Wolf]

For example, after I clicked SAVE button for another nameservers - successful banner appeared after ~30 seconds.

 

[tonyk2000]

As a side note. The pdf mentions Epik-provided "hosting" of various websites the hackers do not like. I refreshed my memory and checked whois of a few domains of this nature (registered via epik). Would not post domains in this thread - it is indexed and may attract irrelevant comments from non-domaining community as the result. But, any domainer can generate such a list. From ~3 domains I remembered, ALL are using cloudflare dns servers and cloudflare IPs. So, epik serves as a registrar only. So, it is unclear what are the hackers speaking about? What real IPs, hosting companies, etc..? Just the non-private whois (how real would it really be?)... payment details maybe (should be anonymous like btc)... ?

 

[.X.]

As a side note. The pdf mentions Epik-provided "hosting" of various websites the hackers do not like. I refreshed my memory and checked whois of a few domains of this nature (registered via epik). Would not post domains in this thread - it is indexed and may attract irrelevant comments from non-domaining community as the result. But, any domainer can generate such a list. From ~3 domains I remembered, ALL are using cloudflare dns servers and cloudflare IPs. So, epik serves as a registrar only. So, it is unclear what are the hackers speaking about? What real IPs, hosting companies, etc..? Just the non-private whois (how real would it really be?)... payment details maybe (should be anonymous like btc)... ?

a couple of things that we need hear from the people themselves … first from Rob Monster concerning the whole situation.. second from Anonymous as to rather it is truly anonymous that did the hack .

 

[Paul]

@tonyk2000, I wouldn't read too much into the message written by the attacker.

 

[Paul]

second from Anonymous as to rather it is truly anonymous that did the hack .

"Anonymous" isn't a cohesive entity or organization; it's just a term used by random attackers. The letter from the attacker even pokes fun at this fact:

OFFICIAL ANONYMOUS (not to be confused with 'Anonymous Official' grifters) PRESS RELEASE

As such, there's no way you could "hear from Anonymous."

 

[.X.]

I looked all over the internet .. including Dark .. I have found nothing from Anonymous stating they coordinated and are responsible for the hack .. so until clarity comes from Rob Monster and Anonymous.. I will just monitor

 

[Paul]

I looked all over the internet .. including Dark .. I have found nothing from Anonymous stating they coordinated and are responsible for the hack .. so until clarity comes from Rob Monster and Anonymous.. I will just monitor

I've already explained this.

 

[.X.]

"Anonymous" isn't a cohesive entity or organization; it's just a term used by random attackers. The letter from the attacker even pokes fun at this fact. As such, there's no way you could "hear from Anonymous."

the hacker or hackers usually post a video .. if it’s an anonymous hacker .. maybe things have changed though .. who knows

 

[tonyk2000]

@tonyk2000, I wouldn't read too much into the message written by the attacker.

Yeah, indeed But, due to radio silence we have from epik... what else?

 

[Paul]

the hacker or hackers usually post a video .. if it’s an anonymous hacker .. maybe things have changed though .. who knows

It's never been like that. It's a common point of confusion.

It would be akin to a group of people who wear jeans. Anyone can join the group by simply wearing jeans. Who represents the group? Well, nobody, really; it's just an arbitrary collection of people who have decided they want to be part of that collection.

Attackers know this causes confusion and play it up.

 

[.X.]

I've already explained this.

sorry .. I don’t dig through threads .. I join in on whatever page the thread is on and comment ..

 

[dirk]

Skipped the couple of hundred posts. Is it true they were hacked? Sorry for being lazy but if true I'd better start transferring instead of going through all posts.

 

[.X.]

It's never been like that. It's a common point of confusion.

It would be akin to a group of people who wear jeans. Anyone can join the group by simply wearing jeans. Who represents the group? Well, nobody, really; it's just an arbitrary collection of people who have decided they want to be part of that collection.

Attackers know this causes confusion and play it up.

I am fully aware it is not a group .. gang or the sort … it’s not an alliance .. it’s an allegiance and all that stuff .. I had a friend of mine do the Dark Web shit .. there was nothing of data release or any one flaunting responsibility for that attack ..at least not as of 3 am ..