alert Epik Had A Major Breach

[DaveX]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[Paul]

Rob, October 4, 2021, at 2:45 AM EDT
Subject: Derek

Hi Paul,

For the record, I barely know Derek. I have very rarely interacted with him since 2018 when he tried very hard to convince me that Gab should be put down. I ultimately concluded differently in part I because I found his testimony to be questionable.

At this point, I have no idea why he is obsessed with me, nor DNPlaybook who seems to work from the same script. What is the purpose of letting these nonsense-spouters persist on NP?

Thanks
Rob

Paul, October 4, 2021, at 8:50 AM EDT:

Derek was restricted for unprofessional behavior in that thread on September 29. The post was allowed to remain in the interest of transparency, but I made a public post at the time condemning it. After a conversation with Derek in which he expressed he would make an effort to improve, as well as a series of posts indicating he was able to keep the vague accusations at bay, the restriction was removed. I haven't personally reviewed most of the posts he made over the weekend.

To answer your question, it's difficult to guide people away from uninformed speculation and assumptions. When we outright delete content, there is a cost: people tend to double-down on their opinions, cry censorship, and refuse to take in new information that may conflict with their existing opinions. That isn't conducive to a healthy, open-minded discussion and just results in furthering hatred and division. That cost has to be weighed with the impact of keeping the post up but publicly explaining the faults in reasoning or why it's inappropriate for NamePros. If it's going to result in an immediate flame war, it may need to be removed despite that cost.

That being said, if an individual's posts are professional and don't violate our rules, they're probably not going to be removed or condemned even if they don't make much sense. Censorship doesn't really seem to work well when it comes to dispelling rumors.

Rob, October 4, 2021 at 9:06 PM EDT:

If you are comfortable with his contributions to that cesspool thread, so be it. So we have an understanding, the content is now all being backed up continuously.

From my periodic review of what is there, I am pretty sure it is a TOS violation:

https://www.namepros.com/help/terms

The level of defamation in that thread that is being permitted is absurd.

I was just making sure that you were comfortable with the posts from someone who apparently has no other reason to be on NP other than to defame Epik and Rob Monster. It is no wonder that his startups all fail, but that’s a different matter!

Regards,
Rob

Paul, October 5, 2021 at 8:11 AM EDT:

I am not comfortable at all with much of the content posted to that thread and do not endorse it. That does not mean it will be removed.

If you have specific, actionable objections to pieces of content, you may present them; thus far, however, you have not done that. Your objections have been vague and directed at individuals.

 

[Future Sensors]

AWS was mentioned somewhere. Can't find the link right now.

Don't know. But in this research article (PDF), Epik is mentioned in relation to AWS. And a lot more insights.

Deplatformization and the governance of the platform ecosystem
https://journals.sagepub.com/doi/full/10.1177/14614448211045662

 

[Molly White]

Perhaps Rob should spend more of his time policing the TOS violations of his own service, like Joey Camp's. Rob already acknowledged it was against Epik TOS, yet multiple sites remain, despite many abuse reports. Or that's okay because you think Camp's targets deserve it?

https://twitter.com/x/status/1441827503056826368

Since you're reading this thread, Rob, do you plan to acknowledge that you instructed Camp to dox me and my family? Was posting a photo of a young child in my family wearing a bathing suit at your instruction too or did Joey Camp just throw that in as a freebie? How about sending my dox and those of my family to individuals known to be violent? Defaming me as a drug addict? Threatening that he was sending people to enter my home?

 

[koolishman]

I reset password and have no problem logging in - have been in and out a number of times last day doing various things. Hope customer service are able to sort it out for you.
Bob

I wrote to EPIK support to reset PW. No reply till date.

 

[dirk]

I wrote to EPIK support to reset PW. No reply till date.

If you use the 'forgot Password' option it should work.

Edit: mail could end up in your spam.

 

[jmcc]

the reason I asked is the whistle blower on 60 minutes vs the outages happening less than 24 hours later .. coincidence and the unexplainable has become a feast since 2020 … or .. explainable but makes no sense to the contrary.

It is only natural to try to see if there were connections. This seems to have been a technical mistake by Facebook.

On the hacking side of things, I suppose it gives people a sense of participation in all this in that it fulfills a need to belong. This is why there are various pile-ons with various groups and they end up being more like supporters of Football teams or political parties.

There is no such thing as an unhackable system as every system is effectively a set of security compromises necessary to make the system work and interact. True hacking is the pursuit of knowledge and the search for alternative solutions to tricky problems. It has become something completely different over the years.

The Epik situation has encouraged a lot of speculation as to what happened and how it happened. What we don't have are the facts about what exactly happened.

The analysis, so far, comes from people looking at the leaked data so it is a bit like people looking at the latest Tesla car without knowing what design decisions led to various features. Epik has only made some vague statements and this is exactly what it should be doing. If you look at other companies that have suffered a databreach, they do much the same thing where they confirm the breach and then let the lawyers and PR people take over.

Reverse-engineering a product or software is a lot more difficult than designing it. It is necessary to understand what was being done and why it was being done. In the Epik case, it requires an understanding of the entire system and how it operated in the domain name industry. Things that are inuitively obvious to people with experience (domain names on sale, WHOIS records, parking IPs, sales platforms etc) may not be obvious to some of the people researching the leaked data. The scale of the data leaked may also be overwhelming.

The Maine official breach notification ( https://apps.web.maine.gov/online/aeviewer/ME/40/68401938-23c3-4279-8bc5-d4782e3cba56.shtml ) mentioned that 110,000 people were affected by the databreach. The facts will eventually trickle out but by then the media coverage will have switched to the next big story.

Regards...jmcc

 

[bmugford]

Rob, October 4, 2021, at 2:45 AM EDT
Subject: Derek

Hi Paul,

For the record, I barely know Derek. I have very rarely interacted with him since 2018 when he tried very hard to convince me that Gab should be put down. I ultimately concluded differently in part I because I found his testimony to be questionable.

At this point, I have no idea why he is obsessed with me, nor DNPlaybook who seems to work from the same script. What is the purpose of letting these nonsense-spouters persist on NP?

Thanks
Rob

Paul, October 4, 2021, at 8:50 AM EDT:

Derek was restricted for unprofessional behavior in that thread on September 29. The post was allowed to remain in the interest of transparency, but I made a public post at the time condemning it. After a conversation with Derek in which he expressed he would make an effort to improve, as well as a series of posts indicating he was able to keep the vague accusations at bay, the restriction was removed. I haven't personally reviewed most of the posts he made over the weekend.

To answer your question, it's difficult to guide people away from uninformed speculation and assumptions. When we outright delete content, there is a cost: people tend to double-down on their opinions, cry censorship, and refuse to take in new information that may conflict with their existing opinions. That isn't conducive to a healthy, open-minded discussion and just results in furthering hatred and division. That cost has to be weighed with the impact of keeping the post up but publicly explaining the faults in reasoning or why it's inappropriate for NamePros. If it's going to result in an immediate flame war, it may need to be removed despite that cost.

That being said, if an individual's posts are professional and don't violate our rules, they're probably not going to be removed or condemned even if they don't make much sense. Censorship doesn't really seem to work well when it comes to dispelling rumors.

Rob, October 4, 2021 at 9:06 PM EDT:

If you are comfortable with his contributions to that cesspool thread, so be it. So we have an understanding, the content is now all being backed up continuously.

From my periodic review of what is there, I am pretty sure it is a TOS violation:

https://www.namepros.com/help/terms

Show attachment 201217

The level of defamation in that thread that is being permitted is absurd.

I was just making sure that you were comfortable with the posts from someone who apparently has no other reason to be on NP other than to defame Epik and Rob Monster. It is no wonder that his startups all fail, but that’s a different matter!

Regards,
Rob

Paul, October 5, 2021 at 8:11 AM EDT:

I am not comfortable at all with much of the content posted to that thread and do not endorse it. That does not mean it will be removed.

If you have specific, actionable objections to pieces of content, you may present them; thus far, however, you have not done that. Your objections have been vague and directed at individuals.

Number of letter's from Rob Monster to Paul complaining about NamePros - 2 (plus follow-ups)
Number of updates from Rob Monster / Epik about the actual data breach since then - 0

I suggest you focus your time and energy on the actual issue.

Brad

 

[bmugford]

Perhaps Rob should spend more of his time policing the TOS violations of his own service, like Joey Camp's. Rob already acknowledged it was against Epik TOS, yet multiple sites remain, despite many abuse reports. Or that's okay because you think Camp's targets deserve it?

https://twitter.com/x/status/1441827503056826368

Since you're reading this thread, Rob, do you plan to acknowledge that you instructed Camp to dox me and my family? Was posting a photo of a young child in my family wearing a bathing suit at your instruction too or did Joey Camp just throw that in as a freebie? How about sending my dox and those of my family to individuals known to be violent? Defaming me as a drug addict? Threatening that he was sending people to enter my home?

My encouragement to you is to view your current actions and choices through an eternal lens. If souls are eternal...

I have to question if that behavior is best for Rob's "eternal soul". The above was the exact wording he used in the letter to Paul.

Brad

 

[bmugford]

That being said, if an individual's posts are professional and don't violate our rules, they're probably not going to be removed or condemned even if they don't make much sense. Censorship doesn't really seem to work well when it comes to dispelling rumors

Isn't removing speech you don't like considered "cancel culture"? I don't use the term myself, because it seems when most people use the term it is really just to due with repercussions from them being a douche.

Rob, October 4, 2021 at 9:06 PM EDT:
I was just making sure that you were comfortable with the posts from someone who apparently has no other reason to be on NP other than to defame Epik and Rob Monster. It is no wonder that his startups all fail, but that’s a different matter!

Regards,
Rob

Who refers to themselves in third person?

 

[Future Sensors]

The Maine official breach notification ( https://apps.web.maine.gov/online/aeviewer/ME/40/68401938-23c3-4279-8bc5-d4782e3cba56.shtml ) mentioned that 110,000 people were affected by the databreach. The facts will eventually trickle out but by then the media coverage will have switched to the next big story.

Still waiting for the data breach notification by The Republican Party of Texas, to be filed in all states.

Ref: https://www.dailydot.com/debug/anonymous-texas-gop-epik/

 

[finitecrystal]

Isn't removing speech you don't like considered "cancel culture"? I don't use the term myself, because it seems when most people use the term it is really just to due with repercussions from them being a douche.

Rob's hypocrisy here proves one very important thing: All that "freeze peach warrior" talk he uses to defer responsibility for platforming Nazis and alt-righters is just that, talk. He platforms those views because he can't bear to see the dissemination of that reprehensible shit stopped for good.

 

[Jurgen Wolf]

Today I have received my 1st spam (Russian) as outcome of this leak...
To email address used only as my account email, I didn't share it publicly.

 

[jmcc]

Still waiting for the data breach notification by The Republican Party of Texas, to be filed in all states.

Ref: https://www.dailydot.com/debug/anonymous-texas-gop-epik/

It is going to be an interesting few weeks.

Regards...jmcc

 

[bmugford]

Rob's hypocrisy here proves one very important thing: All that "freeze peach warrior" talk he uses to defer responsibility for platforming Nazis and alt-righters is just that, talk. He platforms those views because he can't bear to see the dissemination of that reprehensible shit stopped for good.

Again, @Molly White (who posted above) was targeted by Epik for simply being a Wikipedia editor that they disagreed with.

https://www.namepros.com/threads/epik-wikipedia-battle-is-full-on-right-now.1186029/

It lead to harassment, threats, intimidation, and doxxing from parties connected to or supporters of Epik.

Joey Camp, also alleged that he was involved with Rob when it came to Molly White.

 

[DN Playbook]

The Epik situation has encouraged a lot of speculation as to what happened and how it happened. What we don't have are the facts about what exactly happened.

We do have some facts such as things confirmed by Rob like, a hack did occur, the code was poorly written by Russian/Ukrainian dev team who kept the code captive, the code has not been updated since it was acquired. We also have facts reported by journalists such as what data was dumped by the hackers and class action investigation. There could be more.

But with Rob's reluctance to provide updates and information, we are left to speculate and ask questions. Which in turn frustrate Rob. As the second dump from the hack indicated, this could be a much worse situation. But left with no statements from E, that is only supposition.

Reverse-engineering a product or software is a lot more difficult than designing it. It is necessary to understand what was being done and why it was being done. In the Epik case, it requires an understanding of the entire system and how it operated in the domain name industry.

You don't really have to reverse engineer the source code if the source code is written on old compilers or languages with known vulnerabilities. A simple SQL injection can produce damage and reveal sensitive data.

Rob, October 4, 2021, at 2:45 AM EDT
Subject: Derek

Hi Paul,

For the record, I barely know Derek. I have very rarely interacted with him since 2018 when he tried very hard to convince me that Gab should be put down. I ultimately concluded differently in part I because I found his testimony to be questionable.

At this point, I have no idea why he is obsessed with me, nor DNPlaybook who seems to work from the same script. What is the purpose of letting these nonsense-spouters persist on NP?

Thanks
Rob

Paul, October 4, 2021, at 8:50 AM EDT:

Derek was restricted for unprofessional behavior in that thread on September 29. The post was allowed to remain in the interest of transparency, but I made a public post at the time condemning it. After a conversation with Derek in which he expressed he would make an effort to improve, as well as a series of posts indicating he was able to keep the vague accusations at bay, the restriction was removed. I haven't personally reviewed most of the posts he made over the weekend.

To answer your question, it's difficult to guide people away from uninformed speculation and assumptions. When we outright delete content, there is a cost: people tend to double-down on their opinions, cry censorship, and refuse to take in new information that may conflict with their existing opinions. That isn't conducive to a healthy, open-minded discussion and just results in furthering hatred and division. That cost has to be weighed with the impact of keeping the post up but publicly explaining the faults in reasoning or why it's inappropriate for NamePros. If it's going to result in an immediate flame war, it may need to be removed despite that cost.

That being said, if an individual's posts are professional and don't violate our rules, they're probably not going to be removed or condemned even if they don't make much sense. Censorship doesn't really seem to work well when it comes to dispelling rumors.

Rob, October 4, 2021 at 9:06 PM EDT:

If you are comfortable with his contributions to that cesspool thread, so be it. So we have an understanding, the content is now all being backed up continuously.

From my periodic review of what is there, I am pretty sure it is a TOS violation:

https://www.namepros.com/help/terms

Show attachment 201217

The level of defamation in that thread that is being permitted is absurd.

I was just making sure that you were comfortable with the posts from someone who apparently has no other reason to be on NP other than to defame Epik and Rob Monster. It is no wonder that his startups all fail, but that’s a different matter!

Regards,
Rob

Paul, October 5, 2021 at 8:11 AM EDT:

I am not comfortable at all with much of the content posted to that thread and do not endorse it. That does not mean it will be removed.

If you have specific, actionable objections to pieces of content, you may present them; thus far, however, you have not done that. Your objections have been vague and directed at individuals.

Rob has specifically mentioned me in his letter to Paul. I have written some articles reporting about RM and E in the past during a different scandal or scandals. I opted not to write about this one since I do not want to give more oxygen to RM/E. Instead use this thread to contribute to and learn about the development of this story. I may end up doing a large piece eventually once all the facts are on the table. Rob has in the past reported my NP posts to take them down.

 

[oldtimer]

Reverse-engineering a product or software is a lot more difficult than designing it. It is necessary to understand what was being done and why it was being done.

It's worth noting that the fact that Rob had chosen to go with certain unorthodox teams and systems at the beginning could simply have been because of his personal ideologies and beliefs which might have prevented him from trusting the more mainstream options that were available to him at the time and some of those decisions are now affecting Epik today even though it now wants to project a more normal image.

As I have already mentioned on couple of occasions here the only good option at this point seems to be for Epik to rebrand as a whole new Registrar with a whole new name and to come up with a different kind of mindset, strategy, goal, and platform that can allow it to focus more on the business aspect of things.

IMO

 

[finitecrystal]

Again, Molly White (who posted above) was targeted by Epik for simply being a Wikipedia editor that they disagreed with.

https://www.namepros.com/threads/epik-wikipedia-battle-is-full-on-right-now.1186029/

It lead to harassment, threats, intimidation, and doxxing from parties connected to or supporters of Epik.

Brad

Not to mention how Rob Monster admitted to hiring Joseph A Camp to do some "private investigation". The very same Joseph A Camp who has been doxxing and harassing journalists for daring to report on the Epik breach. A multitude of domains currently hosting Camp's doxxing website are still registered at Epik to this day, despite Rob Monster promising Steven Monacelli that he would take the site down while apologizing to Camp in the Jitsi meeting.

[...]

Screenshots from https://blog.mollywhite.net/monster-qa/

$ whois yourdaddyjoey[.]org
Domain Name: YOURDADDYJOEY[.]ORG
Registry Domain ID: D402200000016131543-LROR
Registrar WHOIS Server: whois.epik.com
Registrar URL: https://www.epik.com
Updated Date: 2021-10-04T23:12:02Z
Creation Date: 2021-03-01T00:09:24Z
Registry Expiry Date: 2022-03-01T00:09:24Z
Registrar Registration Expiration Date:
Registrar: Epik Inc.
Registrar IANA ID: 617
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.4252025160
Reseller:
Domain Status: ok https://icann.org/epp#ok
Registrant Organization: Anonymize, Inc.
Registrant State/Province: WA
Registrant Country: US
[...]

 

[jmcc]

We do have some facts such as things confirmed by Rob like, a hack did occur, the code was poorly written by Russian/Ukrainian dev team who kept the code captive, the code has not been updated since it was acquired. We also have facts reported by journalists such as what data was dumped by the hackers and class action investigation. There could be more.

No. We don't have the exact facts about what happened and how it happened. There have been no details released about the actual hack.

You don't really have to reverse engineer the source code if the source code is written on old compilers or languages with known vulnerabilities. A simple SQL injection can produce damage and reveal sensitive data.

Reverse-engineering a system a lot more complex than simply using an exploit to reveal some data. One doesn't reverse-engineer source code as much as try to understand it. With compiled software and the absence of source code, things become a bit more complex. With a system, it is necessary to understand what the software does, how it uses the data and what the system does. Each step is step away from simply grabbing some data with an SQL injection.

Regards...jmcc

 

[bmugford]

As I have already mentioned on couple of occasions here the only good option at this point seems to be for Epik to rebrand as a whole new Registrar with a whole new name and to come up with a different kind of mindset, strategy, goal, and platform that can allow it to focus more on the business aspect of things.

Well, that is not going to make the mountains of potential legal issues, liabilities, and bad PR go away.

You also have the practical issue that Epik = Rob Monster. A lot of the issues go far deeper than just the company name itself.

Brad

 

[bmugford]

Reverse-engineering a system a lot more complex than simply using an exploit to reveal some data. One doesn't reverse-engineer source code as much as try to understand it. With compiled software and the absence of source code, things become a bit more complex. With a system, it is necessary to understand what the software does, how it uses the data and what the system does. Each step is step away from simply grabbing some data with an SQL injection.

Regards...jmcc

Isn't it a bit embarrassing when you are basically at the mercy of your own development team, and the only way you can see your own code is after a massive data breach?

Brad