alert Epik Had A Major Breach

DaveX

@GoDaveX, Top Member
"His company Epik describes itself as “the Swiss bank of domains” and is one of the few US-based registrars with a history of refusing to respond to reports of illegal activity. According to a report by the pharmaceutical watchdog organization LegitScript, Epik has been told that some of the domains the company sponsors sell illegal drugs and inauthentic medications, yet the company has not acted." (WIRED, 2018)

Here is Epik's own 2017 statement on LegitScript: https://www.epik.com/blog/why-i-stood-up-to-legitscript.html

https://www.legitscript.com/blog/2017/03/us-registrar-epik-plays-dangerous-game/


And a later case: https://www.namepros.com/threads/legitscript-and-name-com-holding-domains-hostage.1141035/
 
Another Epik breach
The hacking collective Anonymous has announced another data leak from the web hosting company Epik. Data includes full disk images of Epik's server infrastructure & exposes at least 59 API keys for Twitter, Coinbase, PayPal, & more
dailydot .com/ debug/anonymous-new-epik-leak/
twitter .com /MikaelThalen/status/1443303462054236160
 
Another Epik breach

Please be advised that this is not a new (3rd) data breach.

We're discussing the second one (the second data leak, to be more precise) for a few days already in this thread.
 
I’m not keen on all the finger pointing here. We were strongly discouraging it before Rob emailed me, and that policy hasn’t changed.

It’s not helping anyone to assign blame right now, and it’s a subjective matter anyway—we could argue for hundreds of pages about it, and it wouldn’t do anyone any good. It would not help any of the victims here.

Once again, we do not allow vague, personal accusations. Please do not make this thread political; those discussions are already taking place elsewhere, and it isn’t the purpose of this forum.

I think we are all in unity on the truth, except for Monster. He is used to bullying employees and family or people he has control over. Must be frustrating to have to look at and deal with reality for a change.

Don't make it personal, the thread is supposed to be used for addressing the Epik hack (even tho quite a few ppl have gone off that purpose)
 
On the response (or lack thereof) of Epik to the customers (most notably in this thread, which is actually the richest source of information):


Tout Va Tres Bien Madame La Marquise, an old French song. French-speaking members can enjoy it in its entirety. English translation embedded...
 
Sounds great but unfortunately it's a new Twit account with no followers. The general ignorant public will prefer to be out for blood and brand every domainer as a nazi rather than to listen to real research. That Troy Hunt poll proved their ignorance. People these days don't even understand what they're really voting for, believing that their publicly available WHOIS data was meant to be private. Attacking just 1 registrar when they should be attacking the registrars that they are using. There's no hope unless a kind tech celebrity says the quoted statements, a being that can only exist in another dimension far far away..........
 
2) They are anarchist, that is their motive.

3) They are criminals in the worst sense. You can argue E. Snowden or CPL. Manning acted on principle. They exposed wrong doing by our Gov.

Anonymous hurts people. Period. They helped no-one.
Do you know anything about anarchist philosophy? Do you even know what an anarchist is? Moreover, you're simply wrong. Recent hacks have revealed links between far-right organizations and the US government, which I would argue absolutely constitutes "wrong doing". I would also argue that they've "helped" at least some people, such as that real estate agency that doesn't want to have a holocaust denier working for them.

Edit by moderator: aggressive sentence removed.
 
There are some claims about domain names/websites changing IP addresses being made that don't seem quite right. Some of the sites have not changed IP address and had been previously pointing to Cloudflare IP addresses prior to the release of the first 180GB leak. Others are still pointing to Epik sales landers.

Regards...jmcc
 
https://www.hackread.com/anonymous-leaks-more-epik-host-data/

Epik CEO’s Response
Soon after the breach was made public, in a four-hour-long Q&A session, Epik’s CEO Rob Monster tried to defend the company. However, his video conference was somewhat unusual as he uttered prayers to defeat demons and stated that the hard drives containing the hacked data were cursed.
 
https://www.hackread.com/anonymous-leaks-more-epik-host-data/

Epik CEO’s Response
Soon after the breach was made public, in a four-hour-long Q&A session, Epik’s CEO Rob Monster tried to defend the company. However, his video conference was somewhat unusual as he uttered prayers to defeat demons and stated that the hard drives containing the hacked data were cursed.

I watched most of it and that is not all that made it unusual. Most importantly, it provided no real information or solutions. Prayers, curses, and what, a "love you" to a swastika guy. This is stranger than fiction.
 
Don't make it personal, the thread is supposed to be used for addressing the Epik hack (even tho quite a few ppl have gone off that purpose)

Yes, which would include Epik and the CEO and other folks who work for Epik. A big part of discussing the hack is commenting on how poor the security was/is at Epik and their response and their past track record. That all falls on one person Rob Monster. Rob Monster is a person, therefore responses are "personal". See how that works. This thread is about much more than a technical analysis of how some hackers were able to get onto a server. It is about people, mostly Rob Monster and the decisions he makes and his character and abilities.
 
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?
 
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?
The Texas GOP website was defaced before the data became public, and I have reason to believe that the hacker did that using information that was in the database. I'm not aware of any other cases but there have been a number of high-profile hacks in the last few weeks and I haven't been keeping up with all of them. If any Epik employees happen to be lurking here I would highly recommend resetting the passwords for all hosting accounts (and all accounts for anything, for that matter)
 
Does anyone know if any websites hosted by Epik have been "hacked" as a result of the Epik data hacks?

Haven't seen anything reported so far. I could think of a certain industry related forum that might be a target since it's hosted on E's infra.
 
The Texas GOP website was defaced before the data became public, and I have reason to believe that the hacker did that using information that was in the database. I'm not aware of any other cases but there have been a number of high-profile hacks in the last few weeks and I haven't been keeping up with all of them. If any Epik employees happen to be lurking here I would highly recommend resetting the passwords for all hosting accounts (and all accounts for anything, for that matter)

I think oathkeepers is also hosted at Epik. Not sure Epik can even reset passwords or if it would even matter. The hackers probably still have access to live site.
 
I think oathkeepers is also hosted at Epik. Not sure Epik can even reset passwords or if it would even matter. The hackers probably still have access to live site.
The wisest thing to do would be to shut down all their infrastructure and rebuild it from scratch, but as a domain registrar I'm not too sure they have the ability to do that. At the very least it would cause a mass panic and cause a huge influx of ICANN complaints.

I would also like to clarify that I intuitively suspect that the Oath Keepers hack was related to the Epik hack, but I cannot verify if or how that is the case.
 
The wisest thing to do would be to shut down all their infrastructure and rebuild it from scratch, but as a domain registrar I'm not too sure they have the ability to do that. At the very least it would cause a mass panic and cause a huge influx of ICANN complaints.

Yeah, they should at least partition things asap, at least so hosting account management is on some new server, shut down other services like VPN, and lock down all domains and then spend a year rebuilding. I see no other option either but even then I would never trust the guy.
 
The wisest thing to do would be to shut down all their infrastructure and rebuild it from scratch, but as a domain registrar I'm not too sure they have the ability to do that. At the very least it would cause a mass panic and cause a huge influx of ICANN complaints.

I doubt they're able to do that. Let's not forget they purchased the current registrar code by acquiring a registrar, not by developing it. But yes, wiping the drives, shutting it down and rebuilding from scratch would be wise. ICANN wouldn't like it though...
 
I've seen people making reports of leaked sales data and that the marketplace isn't functioning as it should be. Anyone can confirm?
 