alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Jona4s]

internal documents also revealed the keyboard used by some top skilled engineers.

it doesn't matter what the code is doing, just upgrade it to the latest version. youll be fine.

 

[Derek Peterson]

https://twitter.com/x/status/1445081618532737040

So is this user Molly actually saying that Epik/Monster didn't have access to their own code for the last 10 years, since acquisition? So it was some kind of a lease (white label)?

 

[Molly White]

So is this user Molly actually saying that Epik/Monster didn't have access to their own code for the last 10 years, since acquisition? So it was some kind of a lease (white label)?

The screenshotted text in my tweet is from the transcript of Rob's Q&A session. The transcript is timestamped if you want to hear it from the horse's mouth. He came back to the topic a few times throughout the Q&A so I'll try to summarize: when Epik acquired the Colorado Springs-based IntrustDomains in 2011, "it came with a Russian development team". "At the time they were based in the Ukraine, or in the Crimea region. Then there were wars and then they moved to Krasnodar, and they’re based there." "The code base that the Russians were totally safeguarding, they wouldn’t give our new engineers access to the git, now we know why: the code sucked."

Epik engineers outside of that group only gained access to this 10-year-old git repository following the hack: "our top engineers mostly hadn’t seen that code because it was kind of blackboxed, behind a firewall, separate git repository, and not part of the Epik git. And that might sound surprising… considering that we’re like a registrar, but that’s basically because of the history of how that company became part of Epik. It was an acquisition, it is a captive dev team, and I’ve operated with that group to a large extent on the basis of trust. They’re good people, they’re honorable people, ethical, responsible people, but their coding methods and frameworks are not up to standard, and they’ve pretty much handed over all the keys to two top guys, Justin Tabb, David Roman."

It didn't sound to me like white labeling—Rob said they acquired the registrar code and engineering team from Intrust. But for some reason, it seems they allowed the engineering team to retain total ownership of the code, totally siloed from the rest of Epik's team.

 

[Future Sensors]

So is this user Molly actually saying that Epik/Monster didn't have access to their own code for the last 10 years, since acquisition? So it was some kind of a lease (white label)?

"This user Molly" is participating in this thread, you can ask her directly. But it's Rob himself who said things in the video meeting. As we don't know the exact contractual details re Intrust and other Epik ventures that have been acquired, we can only guess atm.

 

[Derek Peterson]

"This user Molly" is participating in this thread, you can ask her directly. But it's Rob himself who said things in the video meeting. As we don't know exact contract details re Intrust and other Epik ventures that have been acquired, we can only guess atm.

It is interesting because it would be another example of Rob basically white labeling/leasing products from others and claiming ownership.

 

[Derek Peterson]

The screenshotted text in my tweet is from the transcript of Rob's Q&A session. The transcript is timestamped if you want to hear it from the horse's mouth. He came back to the topic a few times throughout the Q&A so i'll try to summarize: when Epik acquired the Colorado Springs-based IntrustDomains in 2011, "it came with a Russian development team". "At the time they were based in the Ukraine, or in the Crimea region. Then there were wars and then they moved to Krasnodar, and they’re based there." "The code base that the Russians were totally safeguarding, they wouldn’t give our new engineers access to the git, now we know why: the code sucked."

Epik engineers outside of that group only gained access to this 10-year-old git repository following the hack: "our top engineers mostly hadn’t seen that code because it was kind of blackboxed, behind a firewall, separate git repository, and not part of the Epik git. And that might sound surprising… considering that we’re like a registrar, but that’s basically because of the history of how that company became part of Epik. It was an acquisition, it is a captive dev team, and I’ve operated with that group to a large extent on the basis of trust. They’re good people, they’re honorable people, ethical, responsible people, but their coding methods and frameworks are not up to standard, and they’ve pretty much handed over all the keys to two top guys, Justin Tabb, David Roman."

Thank you very much for that and WOW but not surprising. Most of his products were (haven't looked for over a year) white labels which he claimed to have built and have 100% control of.

 

[Jona4s]

Is there a way to create a list of all the websites

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

 

[Derek Peterson]

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

Sweet. Thanks!

 

[dirk]

Sweet. Thanks!

Keep in mind there are people reselling service from within their infra. There are legit hosts/websites amongst them.

 

[bmugford]

Hackers expose Texas GOP's 'sensitive documents' and 'dark memes' in wake of abortion law: report

https://www.rawstory.com/texas-gop-epik-hack/

https://www.dailydot.com/debug/anonymous-texas-gop-epik/

https://twitter.com/x/status/1445102210354982915

I wonder what else was breached. I still have questions about ID documents which have not been addressed by Epik. I also have questions about potential integrated accounts like Sedo, Afternic, Escrow.com, etc.

Also what about hosted data and login/passwords, among other things.

The exact depth of this hack is still unknown. Epik is providing no clarity.

Brad

 

[bmugford]

I wonder how many phases there are going to be?

https://twitter.com/x/status/1445042503053463556

 

[Derek Peterson]

418,923
https://trends.builtwith.com/websitelist/NatCoWeb

About all porn, loli and human trafficking. Very Christian.

 

[DN Playbook]

Epik engineers outside of that group only gained access to this 10-year-old git repository following the hack: "our top engineers mostly hadn’t seen that code because it was kind of blackboxed, behind a firewall, separate git repository, and not part of the Epik git. And that might sound surprising… considering that we’re like a registrar, but that’s basically because of the history of how that company became part of Epik. It was an acquisition, it is a captive dev team, and I’ve operated with that group to a large extent on the basis of trust. They’re good people, they’re honorable people, ethical, responsible people, but their coding methods and frameworks are not up to standard, and they’ve pretty much handed over all the keys to two top guys, Justin Tabb, David Roman."

It didn't sound to me like white labeling—Rob said they acquired the registrar code and engineering team from Intrust. But for some reason, it seems they allowed the engineering team to retain total ownership of the code, totally siloed from the rest of Epik's team.

All of this is just so convoluted, it boggles the mind. They are "good people", "honorable", "ethical", "responsible". But their code sucked and they wouldn't give access. But we still used it to make money for as long as we could. What?! Who runs a company this way?

 

[mr-x]

Hate speech is not free speech. More importantly, [CITATION NEEDED], because I'm positive that exactly zero people in Canada have been arrested for saying that, despite the fact that it is a vile and reprehensible statement that has no place in polite society.

Hate speech is free speech. Speech you or the majority doesn't agree with is why free speech is important and the #1A of the USA Constitution.

 

[tonyk2000]

Investigative journalists from twitter are once again trying to connect the dots (Epik and the datacenter):

Fascinating. Yeah, it may not be easy for the journalists to understand how internet works in aspects of datacenters, RIRs (regional Internet registries), and IP addresses distribution. So - as easy and simplified as possible: Does Rob Monster have all servers in his basement or bedroom? Probably, no. Epik, Godaddy, Network Solutions, etc. - they all need to use datacenters (colocation providers). This is because they need internet connectivity, ventilated racks and the like.

Epik is using Natcoweb for this purpose. End of story.

It takes ~5 minutes to find out that Natcoweb existed long before Rob/Epik acquired Intrust Domains (and started to operate in all aspects relevant to current discussion), and even before Rob joined Epik.

In particular:

Webhosting talk forum shows that the member Natcoweb joined in Apr 2009.

Webarchive shows the earliest version of hqhost website (which appears to be one of natco retail arms) dated back to ~2003.

Epik has acquired IntrustDomains in 2011.

What else? The CEO has a name of Russian origin? Sergey Brin is also Russian name, but this guy is one of Google founders.

Earlier, investigative journalists found that Epik is sitting on billions of $$$ in 4-symbol domain assets. Now, they are mixing Epik and its clients with the datacenter and their clients. What would be the next sensation? ;-()

 

[Mr. Glomar]

It would be helpful if someone with knowledge of this kind of class actions regarding data breaches could participate in this discussion.

Something like this, basically.

How Many People Do You Need for a Class Action Lawsuit? | Class Action Lawsuits | Ben Crump

Lawyers get richer, affected parties usually get a bag of peanuts and that's that.

 

[mr-x]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

 

[.X.]

I wonder how

I'm sure you know more about scripture than most but in the Bible, didn't God exterminate a bunch of people he didn't particularly like and wanted to start over with Noah and a boat? I don't think he killed them because he loved them.
And then there's the story of 'Sodom' and Gomorrah. Which entirely refutes what you said...

Not that I care. It's just some food for thought

I would explain why in detail .. but this thread isn’t the place…

it appears the hacking continues .. i think .. sure there are some who don’t want to be exposed .. but as a majority .. I wouldn’t think the people who are in the affiliations being exposed have any shame in being in their affiliation and cause … no more than I would think any Far Left people have any shame in their affiliation or exposure for participating in the affiliation activities or causes.

 

[bmugford]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

Yeah, well it is what it is. Rob and Epik are basically saying nothing on the subject.

Good or bad there are a lot of people analyzing the data from amateurs to top tier security experts, and everything in between.

Brad

 

[.X.]

Love all the twitter investigators with no-name, affiliation. Just like real journalist.

it’s the going thing today .. claim “Independent ” and you can be a Independent Investigator .. Independent?? Name your title .. we already know “Media” Research .. Journalist .. video producer are all approved with certain law enforcement officials of certain states .. as we have seen