alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[.X.]

I have not downloaded the data. There is no point as there is nothing I would be doing with it.

I think the legal authorities are likely going to be more interested in some of the connections which are unearthed, not the ones to do with domainers.

If someone actually tries to fraudulently use a credit card, they are clearly playing with fire. That is a well defined crime, without any ambiguity.

Brad

i am glad you didn’t download the Data .. possession is 9/10ths of the law .. in my state .. if you are caught with stolen property .. rather you know it’s stolen or not .. you get the charge for it .. you could buy something stolen ..have no idea it is stolen .. get stopped .. they run the item .. it comes back stolen .. that person is in the back of Police car in route to jail on a felony charge .. possession of stolen property .. I don’t know about other states .. I will Google that shit and see

 

[.X.]

.anyone have an idea or heard through the grapevine where the hacker might be from??? Maybe Canada ?? Who ordered the Hack ?? Maybe the name starts with a A ??? Maybe the hacker has a user name that starts with K ??? It’s just so confusing .. it sucks being a victim like myself .. it’s mental anguish to be victimized and violated .. and have my financials spread out all over the internet

 

[Future Sensors]

.anyone have an idea or heard through the grapevine where the hacker might be from??? Maybe Canada ?? Who ordered the Hack ?? Maybe the name starts with a A ??? Maybe the hacker has a user name that starts with K ??? It’s just so confusing .. it sucks being a victim like myself .. it’s mental anguish to be victimized and violated .. and have my financials spread out all over the internet

You seem to have some very specific details. Please pass them to Epik, so that they can share it with law enforcement.

 

[Molly White]

@Molly White You're the only one I've seen here (or at least who I remember) who is also active with the researchers on Twitter. So I hope you can relay this info to the guy who violated people's privacy by posting details on every single Epik customer. He's doxxing thousands of innocent people.

 

[.X.]

nice to meet you Molly .. are you a Independent researcher or independent Journalist ??? I like the new use of “Independent” it enables me to be a Independent Investigator .. because all my information and financials are in the hands of what I suspect many many people .. Independent Investigator .X.

 

[.X.]

@Molly White … can you write about how thousands of innocent people are a victim of this Hack?? I am not a proud boy nor do I know one .. I am not a far right person .. I have never been a member of gab or any of the controversial websites that people speak about .. but yet I am sitting here a victim of my personal info and Financial info being stolen and in the hands of how many people ???

 

[MasterOfMyDomains]

Putin is behind it, not a Canadian. When he heard was some shitty russian code powering epik, he said lets shake up the right. God Bless America

 

[Molly White]

nice to meet you Molly .. are you an Independent researcher or independent Journalist ??? I like the new use of “Independent” it enables me to be a Independent Investigator .. because all my information and financials are in the hands of what I suspect many many people .. Independent Investigator .X.

Certainly not a journalist. I guess "researcher" is a fair descriptor in some ways. My post history here is visible to you, and will explain who I am.

 

[Molly White]

@Molly White … can you write about how thousands of innocent people are a victim of this Hack?? I am not a proud boy nor do I know one .. I am not a far right person .. I have never been a member of gab or any of the controversial websites that people speak about .. but yet I am sitting here a victim of my personal info and Financial info being stolen and in the hands of how many people ???

This is exactly what I meant with my image. Perhaps you should ask Rob Monster, and the others responsible for Epik's systems, to explain that to you.

 

[.X.]

Putin is behind it, not a Canadian. When he heard was some shitty russian code powering epik, he said lets shake up the right. God Bless America

… no .. Canada .. Oh Canada

 

[.X.]

This is exactly what I meant with my image. Perhaps you should ask Rob Monster, and the others responsible for Epik's systems, to explain that to you.

ah .. the image is blank .. K .. well nice to meet you Molly White

 

[MasterOfMyDomains]

How are you ma’am? I am starting to suffer the some same symptoms as well. I remember chatting with you way back when your domains got stolen 2011ish You have suffered enough. Anything i can do to help with your symptoms let me know, maybe cure some of mine at same time.
Edited for security purposes

As I said I am suffering from all these symptoms-
Domain PTSD, lack or no sex drive, loss of appetite ,loss of hair, loss of enjoyment in life, pain and suffering.....sleepless nites and excruciating frighten nightmares that my domains gone vanish....and worst still in this unprecedented ( I bet you have heard this word unpreceded billions of times already) times, it has excruciated my pain....

so what the F did I do wrong when the company that I trusted can't protect my personal data?
Will the CEO/founders and management be criminally charged and go to jail for jeopardizing the health and welfare of the customers?

Do they really care?
So who is going to pay for my mental therapy?? and other sufferings..

 

[DomainNature]

.anyone have an idea or heard through the grapevine where the hacker might be from??? Maybe Canada ?? Who ordered the Hack ?? Maybe the name starts with a A ??? Maybe the hacker has a user name that starts with K ??? It’s just so confusing .. it sucks being a victim like myself .. it’s mental anguish to be victimized and violated .. and have my financials spread out all over the internet

From that long 3 hours video, it points to a popular hacker which is behind Anonimous, his name is Aubrey Cottle and username Kirtaner he also calls himself Kirt of Camelot and he is from Canada.
Someone in the chat of that vid wrote that he hacked Epik, so Mr.Rob knows that he is behind this hack.
The guy who ordered the hack may be Steven Monaceli if not wrong with the name.

Now you must ask yourselves all who view this thread, if I not like for example LGBTQ+, porn, gamble and other websites, I must go and hire hackers to take them down. Do you think this is proper? There are many other ways to fight with them and it is not by hacking their websites, believe me.

 

[Molly White]

ah .. the image is blank .. K .. well nice to meet you Molly White

https:// imgur.com/gallery/MzBhJMT

 

[.X.]

How are you ma’am? I am starting to suffer the some same symptoms as you. I remember chatting with you wayback when your domains got stolen 2011ish. You have suffered enough. Anything i can do to help with your symptoms let me know, maybe cure some of mine at same time.

only one big problem .. Epik did not “Give” the data away .. it was stolen .. that fact won’t be over shadowed by vulnerabilities… it was stolen .. period

 

[Start]

[stupid cartoon image]

That's ridiculous, and callous quite frankly.

The fact is, "researchers" publicizing details is more like the researchers punching the Epik customers in the face (after Epik already kicked them in the stomach). All I did was ask for researchers to not punch the victims (customers) in the face. So don't act like researchers are the victims here, simply for being asked to show some sense.

I wrote detailed information about why the publicizing is wrong, and it's quite disappointing that all you respond with is a foolish meme cartoon.

And adding to the problem is the fact that researchers are basically giving people the impression on Twitter that most Epik customers are far-right / neo-nazis. And then journalists are parroting that too, like the news article that I posted above (https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-71#post-8408943)

So they essentially tell people that Epik customers are mostly neo-nazis, and then they publish a list of all Epik customers. Gee, I wonder why that's a problem...


Here's a post last year regarding what I think of Trump supporters:
https://www.namepros.com/threads/the-usa-political-thread.764342/page-2713#post-7985766

So I don't appreciate researchers falsely acting like most of Epik's customers are neo-nazis.

I didn't know of Rob's political views when I signed up (nor did I know Joseph's (the #2 person in charge) and he turned out to be a left-wing guy), and Epik wasn't controversial until about 2019.

I would bet that way more than half of Epik's customers didn't even know who Rob is... out of 24,000 people/companies on that list, ~14,000 only had 1 domain; and I think ~20,000 had less than 10 domains.

Most people don't know about NamePros either. I only visit periodically, and I didn't know a lot that's in this thread (and it's taken time to wade through it). There are always a lot of posts on NamePros, and it's often not a great "signal to noise" ratio.

I didn't like that Rob got involved with Gab and the other controversies, so I moved domains out and I only have a small number of domains left at Epik

But like I said, it's time-consuming to transfer domains out of some registrars, and especially with the pandemic, I was sometimes too busy to do that. From the list, I also saw other people/companies who even had public disputes with Epik, and they also still had domains at Epik as of February -- likely for the same reason.

And like I said, the 7cents of profit per domain they were getting from me wasn't exactly funding them (I probably even cost them money, because they lost money per domain when I transferred domains to them during promos).

And speaking of Gab, I see that their DNS shows they're with CloudFlare... and it's not like all CloudFlare customers are far-right either.

The bottom line is that there's no justification for "researchers" to be doxxing thousands of innocent people/companies.


And frankly, part of the problem is that the "researchers" seem to be vigilante computer programmers pretending that they're social scientists. But the decisions on what to publish are more suited to actual social scientists like this guy: https://en.wikipedia.org/wiki/Ronald_Deibert

 

[Future Sensors]

I would bet that way more than half of Epik's customers didn't even know who Rob is... out of 24,000 people/companies on that list, ~14,000 only had 1 domain; and I think ~20,000 had less than 10 domains.

You cannot draw this conclusion easily. In the spreadsheet that is no longer present on Twitter, there was a field with over 14K users using the Anonymize service for their domain details. These users are not further specified.

 

[Windoms]

only one big problem .. Epik did not “Give” the data away .. it was stolen .. that fact won’t be over shadowed by vulnerabilities… it was stolen .. period

That's ridiculous, and callous quite frankly.

The fact is, "researchers" publicizing details is more like the researchers punching the Epik customers in the face (after Epik already kicked them in the stomach). All I did was ask for researchers to not punch the victims (customers) in the face. So don't act like researchers are the victims here, simply for being asked to show some sense.

I wrote detailed information about why the publicizing is wrong, and it's quite disappointing that all you respond with is a foolish meme cartoon.

And adding to the problem is the fact that researchers are basically giving people the impression on Twitter that most Epik customers are far-right / neo-nazis. And then journalists are parroting that too, like the news article that I posted above (https://www.namepros.com/threads/epik-had-a-major-breach.1252094/page-71#post-8408943)

So they essentially tell people that Epik customers are mostly neo-nazis, and then they publish a list of all Epik customers. Gee, I wonder why that's a problem...


Here's a post last year regarding what I think of Trump supporters:
https://www.namepros.com/threads/the-usa-political-thread.764342/page-2713#post-7985766

So I don't appreciate researchers falsely acting like most of Epik's customers are neo-nazis.

I didn't know of Rob's political views when I signed up (nor did I know Joseph's (the #2 person in charge) and he turned out to be a left-wing guy), and Epik wasn't controversial until about 2019.

I would bet that way more than half of Epik's customers didn't even know who Rob is... out of 24,000 people/companies on that list, ~14,000 only had 1 domain; and I think ~20,000 had less than 10 domains.

Most people don't know about NamePros either. I only visit periodically, and I didn't know a lot that's in this thread (and it's taken time to wade through it). There are always a lot of posts on NamePros, and it's often not a great "signal to noise" ratio.

I didn't like that Rob got involved with Gab, so I moved domains out and I only have a small number of domains left at Epik.

But like I said, it's time-consuming to transfer domains out of some registrars, and especially with the pandemic, I sometimes I was too busy to do that. From the list, I also saw other people/companies who even had public disputes with Rob/Epik, and they also still had domains at Epik as of February -- likely for the same reason.

And like I said, the 7cents of profit per domain they were getting from me wasn't exactly funding them (I probably even cost them money, because they lost over a dollar per domain when I transferred domains to them originally).

The bottom line is that there's no justification for "researchers" to be doxxing thousands of innocent people/companies.

Lol leave researchers alone HAHA the way you guys are behaving its hilarious.
Epik is the only one responsible here.

@Molly White , researchers, keep doing your work.

 

[Start]

You cannot draw this conclusion easily. In the spreadsheet that is no longer present on Twitter, there was a field with over 14K users using the Anonymize service for their domain details. These users are not further specified.

I think Anonymize is the default whois info at Epik. But the list I saw had actual owners listed. And plenty of them were even people in India, Nigeria, etc. (not exactly a hotbed of neo-nazis!).

And I got some customers to buy domains through Epik years ago, and I don't like that if they kept the domain at Epik (and people often do simply keep a domain where it is... that's how NetworkSolutions still has so many customers), they're now being doxxed and "researchers" are giving people the impression that they're neo-nazis.

I know that they're just regular people. And they don't know who Rob is.

- Just like most people who use Dynadot, NameSilo, NameCheap, etc. don't know who those CEOs are.

- And like many companies, Epik also had/has a "referral" program, so people might get a few dollars if someone signs up (and makes a purchase) through their custom link or banner ad. So I'm sure many people signed-up on Epik simply because someone else suggested it.


The "researchers" should at least just make it clear to people (on Twitter and elsewhere) that the neo-nazi scum are just a small fraction of Epik's customers. Until 2-3 years ago, Epik wasn't controversial and Rob didn't really make his political views known -- and Epik has been operating for far longer than that.

Instead, I saw on Twitter that someone asked if Epik's customers were all far-right, and one of the main "research" tweeters replied that there are "some innocent people" (gives the impression it's a small fraction)... but the vast majority of Epik's customer base are just regular people.

 

[.X.]

From that long 3 hours video, it points to a popular hacker which is behind Anonimous, his name is Aubrey Cottle and username Kirtaner he also calls himself Kirt of Camelot and he is from Canada.
Someone in the chat of that vid wrote that he hacked Epik, so Mr.Rob knows that he is behind this hack.
The guy who ordered the hack may be Steven Monaceli if not wrong with the name.

Now you must ask yourselves all who view this thread, if I not like for example LGBTQ+, porn, gamble and other websites, I must go and hire hackers to take them down. Do you think this is proper? There are many other ways to fight with them and it is not by hacking their websites, believe me.

The Hack affected so many innocent people .. some of these people are whales in the domain industry … if they are like me .. although I am not industry whale .. spending money on this is actually a pleasure .. .. well spent $$$$$ IMO … stealing peoples shit no is wrong and criminal .. stealing innocent peoples shit says they are fucking spineless .. I won’t be going through this again .. guaranteed

 

[Start]

HAHA the way you guys are behaving its hilarious.
Epik is the only one responsible here.
.

No, it's not funny that "researchers" (not actual social scientists, but just computer programmers who specialize in technical issues, and not ethical and societal decisions/analysis) are basically telling people that Epik's customers are mostly neo-nazis, and then publishing a list of all Epik customers.

That is a problem, due to Epik's terrible security, and due to the people publicizing this info and giving the wrong impression (which is being parroted by reporters who don't know better too).

 

[.X.]

I think Anonymize is the default whois info at Epik. But I think the list I saw had actual owners listed. And plenty of them were even people in India, Nigeria, etc. (not exactly a hotbed of neo-nazis!).

And I got some customers to buy domains through Epik years ago, and I don't like that if they kept the domain at Epik (and people often do simply keep a domain where it is... that's how NetworkSolutions still has so many customers), they're now being doxxed and "researchers" are giving people the impression that they're neo-nazis.

I know that they're just regular people.

At least just make it clear to people (on Twitter and elsewhere) that the neo-nazi scum are just a small fraction of Epik's customers. Rob didn't really make his political views known until 2-3 years ago, and Epik has been operating for far longer than that.

Instead, I saw on Twitter that someone asked if Epik's customers were all far-right, and one of the main "research" tweeters replied that there are "some innocent people"... but the vast majority of Epik's customer base are just regular people.

exactly … Regular people using a domain register .. innocent people caught up a personal Hack ..

 

[Jurgen Wolf]

This holywar doesn't matter as of now (after 2 weeks), Epik's toxicity is on maximum regardless of your own lifestyle or desires.
Forget and move on... No other way.

 

[bmugford]

At least just make it clear to people (on Twitter and elsewhere) that the neo-nazi scum are just a small fraction of Epik's customers. Rob didn't really make his political views known until 2-3 years ago, and Epik has been operating for far longer than that.

... but the vast majority of Epik's customer base are just regular people.

Yeah, I agree with that. It was really the New Zealand shooting thing that put Epik on the extreme radar, at least as far as my recollection.

Their actions after that became even more problematic.

If you are just some random domain investor you might not be aware of any of this when it comes to Epik. Not everyone reads domain blogs or participates on domain forums.

Many of the highest domain counts there are just domain investors who likely are there for pricing and might not know about any of the other stuff.

Brad

 

[.X.]

No, it's not funny that "researchers" (not actual social scientists, but just computer programmers who specialize in technical issues, and not ethical and societal decisions/analysis) are basically telling people that Epik's customers are mostly neo-nazis, and then publishing a list of all Epik customers.

That is a problem, due to Epik's terrible security, and due to the people publicizing this info and giving the wrong impression (which is being parroted by reporters who don't know better too).

They use “Independent” … that is the new going fad .. so i use Independent too … Independent Investigator .X.

what happened was .. a Hacker stole our shit .. put it up for download by anyone who wants it .. tons of innocent peoples information and financial information .. I don’t give a fuck about no neo - Nazi .. I am not one of them and neither is the majority of people who got their shit stolen .. our shit was stolen .. that is what happened ..no one authorized anyone to steal our shit .. it was stolen straight up ..