
Epik Had A Major Breach


DaveX

@GoDaveX Top Member
Impact
52,011
Last edited:
36
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
This thread has sewered and needs attention from mods. Sharing hacked data and suggesting to exploit it? That's heroism
I would agree a comment like the one you pointed out could be moderated.
 
7
•••
Several of my posts have been removed because Rob Monster shills keep reporting them so let me restate my position on page 70.

Epik's security was so poor that I believe this hack was an inside job, meaning someone at EPIK intentionally left the doors open so the data could be "hacked".

EPIK's VP Robert Davis seems like he is deeply entrenched in intelligence agencies and those types love to get this kind of data of right wing activists. He is also a cryptology expert, so I find it odd EPIK had such poor security in place, and by odd I mean suspicious.

Using 3rd parties to "hack" data is an easy way for FBI to get access to the data AND be able to use it to prosecute people for "crimes" such as hate speech or colluding on Jan 6th or whatever. If they took it themselves it would not be admissible in a trial but now that it is public they can. Gab recently pulled the same stunt when they added a ridiculous SQL injection vulnerability to their code by "accident" and were hacked and all user data was also published online.

We know the FBI has been in frequent communications with EPIK and Rob this year, probably because of all the Jan 6th drama because several internal communications were also leaked as part of this "hack".

I have known Rob Monster for many years and I have seen him lie and manipulate many, many times. He uses Christianity to get people to put down their defenses so he can manipulate them. (I am a born again, Bible believing Christian).

However, if this was just an incredible example of incompetence the fact of the matter is that it was brought about because Rob Monster has a long history of not caring about user privacy or security as demonstrated when he launched a fake VPN several years ago, claiming to own it when in fact it was actually a white label that he had no control over. When confronted with this fact he threatened me and others with court actions or even physical harm, tried to get me banned everywhere (including on this site) and slandered me by calling me all sorts of names ON THIS SITE, which was never removed, although I don't report such things because I am a man.

In conclusion, whether this hack was intentional or just incompetence, the bottom line is that Rob Monster and EPIK should not be trusted if you are someone doing sensitive things that could put you in jeopardy if your info is revealed.
 

Attachments

  • rob davis bio.png (909.3 KB · Views: 195)
  • epik threats reply.png (213.7 KB · Views: 187)
  • epik vpn.png (1.1 MB · Views: 207)
  • monster threats.png (214.5 KB · Views: 171)
  • feds1.png (5.1 MB · Views: 191)
  • feds2.png (3.4 MB · Views: 183)
3
•••
@Derek Peterson you have so much information, and we thank you for providing us with it, but if you can let go of the condescending and belittling comments, I am sure no one would mind your posts; as a matter of fact, they will appreciate it.

The aggressive comments in regards to Rob make it seem personal, which takes the light off the information you provide.
 
Last edited:
8
•••
Does anybody know if Epik had cyber insurance? Maybe they are too small to carry this coverage.
 
Last edited:
0
•••
@Derek Peterson you have so much information, and we thank you for providing us with it, but if you can let go of the condescending and belittling comments, I am sure no one would mind your posts; as a matter of fact, they will appreciate it.

The aggressive comments in regards to Rob make it seem personal, which takes the light off the information you provide.

I am doing the best I can but I am not a robot. People are going to have their lives ruined because of this "hack", some will be killed. Perhaps you should care a little more about others.
 
0
•••
Does anybody know if Epik had Director's and Officer's liability or cyber insurance?
I would be surprised if they didn't have errors and omissions insurance but sue them anyway ;)
 
0
•••
1
•••
Actually, @bmugford has been a great contributor to this thread. I feel you are being disrespectful considering you recently joined the thread.

Fair enough, maybe without context, it sounded out of place. I would have preferred the thread to be informative, as many of us would like to keep up and learn from this. Epik not commenting is probably par for the course in times like these. That being said, anything with Epik turns to politics and fringe hate stuff and culminating in domainers posting criminally obtained doxxed info of other domainers in the thread. No self filter, no critical thought, only enthusiasm.

Not long ago, Brad was anti doxxing, law violations, TOS violations when it came to abortion sites etc., but when doxxed info arrived here in the thread, it was a smiley face.
 
2
•••
One way to hack sites, I suspect... Whoever controls SSL system may steal lots of login info. To get a working SSL cert, you need to pass through a few companies, otherwise browsers won't recognize those certs as valid. Those few companies can sniff traffic and steal critical data...(I may be totally wrong..because I'm naive in this topic), I mean, they would have a backdoor to decode data. Self-signed certs would be safe to a company but maybe not look safe to others, and those elite SSL companies may take advantage of this situation, and a site with self-signed certificate looks unsecure (browser warning), while nonssl sites may look ok.
 
Last edited:
0
•••
There is another angle of Epik that could invite investigation, especially of customers: Tax.

Rob Monster had been advertising their escrow services on here saying that could help sellers transact "tax-free": That certainly could attract attention.

https://www.namepros.com/threads/if...ng-time-and-money.1119508/page-2#post-7080342

Which was in reply to this claim: https://www.namepros.com/threads/if...-wasting-time-and-money.1119508/#post-7079390

In the UK you have to say on your tax return if you used any tax avoidance schemes. Forget to say so, get in trouble later. Say yes and you have to identify what you did so the taxman can look into it.

Someone else now raising the tax angle:

 
5
•••
Does anybody know if Epik had cyber insurance? Maybe they are too small to carry this coverage.

Any legit company that serves customers should carry some type of business liability insurance, though I have no idea what it would actually cover in this case.

Brad
 
0
•••
Any legit company that serves customers should carry some type of business liability insurance, though I have no idea what it would actually cover in this case.

Brad

It's a complicated mess - In the UK I think it would be Cyber & Data Risk Insurance but you might also need online business insurance mixed in with product liability insurance, so most likely a bespoke plan....

I'm no expert by any means on UK Insurance policies and would not even know where to begin for other countries
 
2
•••
Fair enough, maybe without context, it sounded out of place. I would have preferred the thread to be informative, as many of us would like to keep up and learn from this. Epik not commenting is probably par for the course in times like these. That being said, anything with Epik turns to politics and fringe hate stuff and culminating in domainers posting criminally obtained doxxed info of other domainers in the thread. No self filter, no critical thought, only enthusiasm.

Not long ago, Brad was anti doxxing, law violations, TOS violations when it came to abortion sites etc., but when doxxed info arrived here in the thread, it was a smiley face.

Fair enough, but it was a joke. Obviously.

Sure, it sucks but the vast majority of these emails are likely already on all the domain spam lists, as people have been scraping new registrations for years when it comes to SEO, web design, and other spam.

Again, I have also been "pwned" in this data breach, likely because I had an account a decade ago with InTrust domains, before Epik acquired them and way before any of the controversy with Epik. Outside that I have really had nothing to do with Epik. I would rather not be on the list as well.

Brad
 
Last edited:
0
•••
4
•••
It's a complicated mess - In the UK I think it would be Cyber & Data Risk Insurance but you might also need online business insurance mixed in with product liability insurance, so most likely a bespoke plan....

I'm no expert by any means on UK Insurance policies and would not even know where to begin for other countries

Sure you can. However, such an insurance can make exceptions to what is covered, for example in the event of negligence.

With regard to the processing and storage of credit card data, the applicable requirements do not appear to have been acted upon. The company has also stated that it has used "shitty russian code". Some statements made about a service like WhoQ.com may not have been helpful too (RM: "WhoQ.com, for making WHOIS work properly again after GDPR and RDAP broke it")

Further reading:

Shouldn't cyber-insurance cover negligence?
https://www.lexology.com/library/detail.aspx?g=4c0f46db-bd82-40b0-b04b-b165229ef08e
 
Last edited:
2
•••
I was just looking on Twitter and saw a link to this article:

https://bangordailynews.com/2021/09...of-web-company-that-serves-far-right-clients/

This article is an example of what I wrote about in detail here:
https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-70#post-8408804

The "researchers" on Twitter are giving people the impression that most Epik customers are neo-nazis or similar... even though I'd say 99% of Epik customers are regular people, many of whom became customers years ago, when Epik was just another registrar and not controversial.

So now journalists like that reporter, who maybe have never even registered a domain (or at the very least, don't know much about registrars in general) are spreading that impression.

Average people who see the title "190 Mainers' data exposed in hack of web company that serves far-right clients" are going to assume that most of the customers are far-right. You can see that in the comments below the article too.

People on Twitter ("researchers" or others who should know better) need to realize that most Epik customers are regular people (not far-right), and stop acting like they're mostly neo-nazis.

And think about the ramifications of that, instead of doxxing every single Epik customer!

I wrote more here:

https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-70#post-8408804
 
Last edited:
9
•••
One way to hack sites, I suspect... Whoever controls SSL system may steal lots of login info. To get a working SSL cert, you need to pass through a few companies, otherwise browsers won't recognize those certs as valid. Those few companies can sniff traffic and steal critical data...(I may be totally wrong..because I'm naive in this topic), I mean, they would have a backdoor to decode data. Self-signed certs would be safe to a company but maybe not look safe to others, and those elite SSL companies may take advantage of this situation, and a site with self-signed certificate looks unsecure (browser warning), while nonssl sites may look ok.

When you secure a website with an SSL cert, you have to generate a private key. This key remains private (it is stored on a server where the site is hosted, obviously). What the companies like Let's Encrypt can do is track what sites are visited, how frequently, and from what IPs. This is because the browsers tend to verify the certificate validity each time you visit an HTTPS website. How? By contacting the certificate issuer, in the background (is the cert good and not revoked?). Saying nothing about the Safe Browsing setting, which is frequently ON by default - each visited site is reported to Google or another safety provider - all for your safety of course.

What actually happens with each particular browser+website combo may vary, it depends on different settings on both ends, and going that deep would be offtopic here. Google Chrome (at some point of time last time I checked - did not verify SSL validity, but had Safe Browsing ON)

Long story short - disable safe browsing and certificate validation if you want to minimize tracking...
 
Last edited:
5
•••
When you secure a website with an SSL cert, you have to generate a private key. This key remains private (it is stored on a server where the site is hosted, obviously). What the companies like Let's Encrypt can do is track what sites are visited, how frequently, and from what IPs. This is because the browsers tend to verify the certificate validity each time you visit an HTTPS website. How? By contacting the certificate issuer, in the background (is the cert good and not revoked?). Saying nothing about the Safe Browsing setting, which is frequently ON by default - each visited site is reported to Google or another safety provider - all for your safety of course.

What actually happens with each particular browser+website combo may vary, it depends on different settings on both ends, and going that deep would be offtopic here. Google Chrome (at some point of time last time I checked - did not verify SSL validity, but had Safe Browsing ON)

Long story short - disable safe browsing and certificate validation if you want to minimize tracking...

I think topdom meant rogue certificate authorities, but it's not in the scope of this thread.
 
2
•••
Sure you can. However, such an insurance can make exceptions to what is covered, for example in the event of negligence.

With regard to the processing and storage of credit card data, the applicable requirements do not appear to have been acted upon. The company has also stated that it has used "shitty russian code". Some statements made about a service like WhoQ.com may not really help too (RM: "WhoQ.com, for making WHOIS work properly again after GDPR and RDAP broke it")

Further reading:

Shouldn't cyber-insurance cover negligence?
https://www.lexology.com/library/detail.aspx?g=4c0f46db-bd82-40b0-b04b-b165229ef08e

That's a U.S case study....

So even if the insurers decide not to pay out you can still pursue a claim

Here in the U.K you could struggle with a negligence claim, even though it was in this instance - it would fall under data protection infringement with a small possibility that a negligence claim would not be completely off the table....

Would Epik still be covered for Data Protection Infringement? Either way they are in the sh*t......

UK High Court Ruling Restricts Scope for Data Security Breach Compensation Claims

"The key takeaway from this case is that potentially this ruling reduces the scope of compensation litigation risk for businesses for data security breaches, i.e. for what might be called “kitchen-sink” type claims where Breach of Confidence, Misuse of Private Information and Negligence are all thrown in. Instead, those seeking to make a claim are likely to only be able to rely on claims for infringement of data protection legislation. But, it remains conceivable that, depending on the given facts, an individual tries to argue that under Breach of Confidence and/or Misuse of Private Information, positive wrongful acts were committed by a business in a data security breach occurrence that give rise to a compensation claim."

https://www.corderycompliance.com/scope-restrictions-data-breach-comp-claims/
 
2
•••
It appears that social media researchers are now trying to connect the dots: Epik, IP addresses, RIRs (Regional Internet Registries) and hosting/datacenter companies. Not an easy task, as one needs to have proper knowledge for such research.

In mathematical logic, false implies everything. Golden rule :)

Resultingly, so far, the researchers are ending up with basically the following (or, they will in a few days):

51QiCImN+4L._SY445_.jpg


And, according to the researchers, Epik plays a major role in the above.
 
Last edited:
3
•••