
alert Epik Had A Major Breach

The views expressed on this page by users and staff are their own, not those of NamePros.
Catching up here. Quick update.

On the tech and development side, the team continues to make very strong progress. As mentioned, the non-core upstream developments have largely been put on hold in order to focus on the core. The "Office of the CTO" is already in operation with a decentralized A-team, and I am not part of it.

On the domain management side, a "Domain Core Team" has been formed and is comprised of industry veterans Sufyan Alani, May Chen, Sevan Derderian, Anthony Kirlew and Jessica Robison. This team of diligent individuals is working well together. No politics. Just results.

On the topic of governance, I am currently the sole Board Director as well as the major shareholder. I am hopeful that we'll see a "Unicorn" grade Board emerge soon. For example, earlier today, I interviewed a retired US Major General with a deep background in security, including cybersecurity.

As for other unanswered comments, in no particular order:

- A legacy URL for triggering SMS codes was disabled on Monday. It was not part of the live SSO but was a way to spam people with SMS codes. That was promptly removed. There was no account compromise related to the legacy SMS spam as Epik had moved to Federated Identity in January 2021.

- Joey Camp did receive his notice and his deadline did pass at noon today. As of this evening, I am not aware of any live sites powered by Epik that are outside of our TOS.

- Daily transfers in continue to outpace transfers out many times over. This pattern has been steady and domains under management continues to rise. The folks who are crying wolf are not doing anyone a great service at this point but they keep this thread active so God bless 'em.

- The escrow business is doing just fine. So far today no less than 5 transactions started with transaction sizes above $100K each. With crypto booming, much of this is crypto-related. As far as I know, Epik is the only registrar-escrow that is also integrated as a licensed crypto exchange.

- As mentioned, Epik has completed about a dozen acquisitions in the last 3 years. For strategic reasons, not all of them get announced. We do talk to a lot of folks. When we say no to a deal, it is often due to bad cultural fit, e.g. a Dutch company that has gone on to become stronger after some transitional assistance.

- I don't actually recall having any M&A discussion with Derek. If any such discussion occurred, it would have been very preliminary. In general, we don't do a lot of partnerships. We either build or we acquire. In the case of Derek, it is safe to say that there would not have been a cultural fit.

- There will be no re-brand of Epik.com. The Epik brand continues to be healthy. Brand awareness is higher than ever. Our product and service are good and improving. We don't need to be everyone's cup of tea to have a sustainable enterprise. I was encouraged by this poll today:


Looks like the trolls have 8 hours to stuff the ballot:
If you still like Epik, you are definitely not alone despite the determined efforts of the vocal trolls who are running a "struggle session" on this forum for reasons that I could speculate about, but won't!

#BeEpik

I would love to see more updates on how you got into the situation in the first place, with terrible security protocols built on decade old "shitty Russian code".

I am guessing the following is the primary reason -

On the topic of governance, I am currently the sole Board Director as well as the major shareholder.

It is rather clear at this point that Epik did not have the technical ability onboard when it came to security. If they did, then the alternative is even worse - they had the ability, but just didn't do anything about it.

You clearly had no business ever being the "acting CTO" or whatever you claimed to be.

Oh, and that poll is about as legitimate as your 2020 mid-year NamePros Registrar of the Year win.

Brad
 
2
•••
despite the determined efforts of the vocal trolls who are running a "struggle session" on this forum for reasons that I could speculate about, but won't!

- deny that you suffered a data breach despite everyone having downloaded your data

- start a harassment and defamation campaign against journalists who report on the data breach

- hold a prayer meeting talking a lot of nonsense about cursed data

- wonder what ulterior motive made all these people interested in me and my company
 
4
•••
There will be no re-brand of Epik.com. The Epik brand continues to be healthy. Brand awareness is higher than ever. Our product and service are good and improving. We don't need to be everyone's cup of tea to have a sustainable enterprise. I was encouraged by this poll today:

If you still like Epik, you are definitely not alone despite the determined efforts of the vocal trolls who are running a "struggle session" on this forum for reasons that I could speculate about, but won't!

#BeEpik

That's great! Too bad your customers (and non customers) are dealing with the fallout from your shitty security.

Here is an example from your poll tweet -


As someone who likes to quote proverbs, I am going to give you a free one -
"Pride comes before the fall."
 
2
•••
- deny that you suffered a data breach despite everyone having downloaded your data

- start a harassment and defamation campaign against journalists who report on the data breach

- hold a prayer meeting talking a lot of nonsense about cursed data

- wonder what ulterior motive made all these people interested in me and my company

Remember when Rob Monster sent transparent legal threats to Paul about the content in this thread?

After that didn't work it seems like he has just adopted ignore, blame, deflect with a dash of just being a general narcissistic troll mixed in.

Throw in a little playing the victim as well. Epik was using "shitty Russian code", suffered a major hack based on their terrible security protocols, then have the audacity to say they are facing a "struggle session" when being called out on those facts.

Brad
 
4
•••
Catching up here. Quick update.

On the tech and development side, the team continues to make very strong progress. As mentioned, the non-core upstream developments have largely been put on hold in order to focus on the core. The "Office of the CTO" is already in operation with a decentralized A-team, and I am not part of it.

On the domain management side, a "Domain Core Team" has been formed and is comprised of industry veterans Sufyan Alani, May Chen, Sevan Derderian, Anthony Kirlew and Jessica Robison. This team of diligent individuals is working well together. No politics. Just results.

On the topic of governance, I am currently the sole Board Director as well as the major shareholder. I am hopeful that we'll see a "Unicorn" grade Board emerge soon. For example, earlier today, I interviewed a retired US Major General with a deep background in security, including cybersecurity.

As for other unanswered comments, in no particular order:

- A legacy URL for triggering SMS codes was disabled on Monday. It was not part of the live SSO but was a way to spam people with SMS codes. That was promptly removed. There was no account compromise related to the legacy SMS spam as Epik had moved to Federated Identity in January 2021.

- Joey Camp did receive his notice and his deadline did pass at noon today. As of this evening, I am not aware of any live sites powered by Epik that are outside of our TOS.

- Daily transfers in continue to outpace transfers out many times over. This pattern has been steady and domains under management continues to rise. The folks who are crying wolf are not doing anyone a great service at this point but they keep this thread active so God bless 'em.

- The escrow business is doing just fine. So far today no less than 5 transactions started with transaction sizes above $100K each. With crypto booming, much of this is crypto-related. As far as I know, Epik is the only registrar-escrow that is also integrated as a licensed crypto exchange.

- As mentioned, Epik has completed about a dozen acquisitions in the last 3 years. For strategic reasons, not all of them get announced. We do talk to a lot of folks. When we say no to a deal, it is often due to bad cultural fit, e.g. a Dutch company that has gone on to become stronger after some transitional assistance.

- I don't actually recall having any M&A discussion with Derek. If any such discussion occurred, it would have been very preliminary. In general, we don't do a lot of partnerships. We either build or we acquire. In the case of Derek, it is safe to say that there would not have been a cultural fit.

- There will be no re-brand of Epik.com. The Epik brand continues to be healthy. Brand awareness is higher than ever. Our product and service are good and improving. We don't need to be everyone's cup of tea to have a sustainable enterprise. I was encouraged by this poll today:


Looks like the trolls have 8 hours to stuff the ballot:
If you still like Epik, you are definitely not alone despite the determined efforts of the vocal trolls who are running a "struggle session" on this forum for reasons that I could speculate about, but won't!

#BeEpik

Glad to hear things are going good.
 
3
•••
Did you look? Because the .org site I mentioned in my previous message is still online and serving the same doxing and harassing content, and whois still shows Epik as the registrar. I will direct message you the URL just for absolute clarity, though I was very clear, and it was included in an abuse report as well.

Furthermore, does this mean that Mr. Camp will continue to be an Epik customer? I assume so, given the number of his domains I am still seeing with Epik listed as the registrar. What happens when he puts this type of content back on the domains you are still servicing? Who is responsible for monitoring to see that he doesn't do that, the victims of his harassment?

As for the .COM it has been nullrouted for many weeks:

;YOURDADDYJOEY.COM. IN A

It is not at Epik.

I believe the site you are referencing is now sinkholed as the registrant did not transfer out despite ample transitional grace period.

Domain Name: YOURDADDYJOEY.ORG
Registrar: Epik Inc.
Registrar IANA ID: 617
Domain Status: ok https://icann.org/epp#ok
Name Server: NS1.SHADOWSERVER.ORG
Name Server: NS2.SHADOWSERVER.ORG

nslookup YOURDADDYJOEY.ORG ns1.shadowserver.org
Server: ns1.shadowserver.org
Address: 64.71.138.162#53

Non-authoritative answer:

*** Can't find YOURDADDYJOEY.ORG: No answer


DNS cache will still be out there but the authoritative route is now sinkholed.

As for whether or not we would re-empower, we don't have a formal "banned for life" policy. We generally subscribe to the view that most people are not beyond redemption.

Once a client is identified as a ToS violator, and their grace period has ended, the abuse handling will be quite swift.

Operators of "hot potato" domains are strongly advised to check in with us first before seeking safe harbor at Epik.
 
3
•••
As someone who likes to quote proverbs, I am going to give you a free one -
"Pride comes before the fall."

If you are going to attempt at being a theologian at least look up the verse:

Pride goeth before destruction, and an haughty spirit before a fall. - Proverbs 16:18

In other words, God gives warning shots. Remember that.

You are not alone though, that verse is often misquoted.
 
1
•••
Someone's earlier post said to Google Joey Camp + Forbes for more info. That turns up this:

https://www.forbes.com/sites/kashmi...scover-police-are-not-as-dumb-as-they-thought

Soon Camp was transferring thousands of dollars, in small amounts, from the university bank account into his own, and into the account of another lucky/unlucky student who Camp hoped to frame for the crime. He did it over Thanksgiving break of 2009, hoping that people wouldn't be paying attention. They were. Police arrested him on November 25th.

But that didn't stop Fowler and Camp...
 
1
•••
If you are going to attempt at being a theologian at least look up the verse:

Pride goeth before destruction, and an haughty spirit before a fall. - Proverbs 16:18

In other words, God gives warning shots. Remember that.

You are not alone though, that verse is often misquoted.

There are actually multiple versions that appeared in various bibles over the years, you picked one of them.

I just gave you the relevant abridged version of it. You clearly understand the point.

Brad
 
2
•••
Thank you for removing the site in question. I am genuinely grateful.

I will admit, though, that I am disappointed that the priority here was apparently on providing Mr. Camp with "ample transitional grace period", which resulted in Epik spending a month knowingly hosting doxing, harassing, and defamatory content that is actively endangering people.

Do I need to proactively check his other sites as well? It seems this site (the .org, I was not referring to the .com) was only "sinkholed" after I mentioned to you that it was still up.

As for whether or not we would re-empower, we don't have a formal "banned for life" policy. We generally subscribe to the view that most people are not beyond redemption.

Once a client is identified as a ToS violator, and their grace period has ended, the abuse handling will be quite swift.

So I did understand you correctly, then, that the onus is on Joey Camp's harassment victims to monitor the domains and websites Epik is powering, and that you will not be proactively ensuring he is following your policies? Despite that you have repeatedly had to engage with him about content that is against Epik TOU and despite the fact that, according to you, Joey Camp has said he sees no issue with the content on his websites and has said he will refuse to process takedown requests?

For what it's worth, I agree with you that most people are not beyond redemption. But I am also not so foolish to expect a person who sees no issue with his behavior, who has continued to actively engage in harassing and doxing behavior over this past month since you spoke with him, and who has said he will not work with you to ensure his content is within your terms, to suddenly decide to change his ways. I don't think you are foolish, either.
 
6
•••
You clearly had no business ever being the "acting CTO" or whatever you claimed to be.

Your kitchen-sink rhetoric is so obvious. Serious question: why are you such a ding-dong? Keep it up and you too will go to my ignore list. You are just about there.

As for tech leadership, I have been working with computers since I was around 8 years old. My Dad was a Professor of Computer Science. My relationship with computers dates back to paper tape and 300-baud. I have worked with computers for my entire life. My first job at P&G was as a Systems Analyst. I wrote the first version of the software of the company called GMI which we sold for more than $100 million cash.

As for Epik, my primary technical duty at Epik since 2009 was what some might call "vision casting," which is very much on display. In general, I delegate responsibility and authority to people who I trust to do a good job in their assigned areas. That said, we have already acknowledged that some acquired was old. That does not change the fact that we out-innovated every other company in the industry. And we still do.

Looking ahead, the appointment of an "Office of the CTO" is a statement of commitment that the full scope of Epik has arguably become too big for any one "normal" person to keep in their head. In addition to ongoing appetite for (technology) acquisitions, our direct investment in software development is running at an all-time high, and I don't see any slowdown in sight.
 
4
•••
re Joey Camp and use of Epik services, Rob Monster was asked this:

When do you expect this to be complete? It has been a month and he has multiple domains with Epik, where he continues to host the exact same site you removed. Again, multiple reports have been made with these domains.

Is there a list of those Joey Camp domains registered at Epik?

Can someone supply a reference to the specific Epik ToS item they violate?

Are the sites also hosted at Epik?


Epik can and do delete domains that violate their ToS, meaning the domain drops and any dropcatcher can then register it.

Epik could alternatively force the registrant to transfer the domain to another registrar, as GoDaddy have done, or Epik could just suspend or reroute the domain temporarily so the domain owner still has the domain, just can't use it for the site they want to.

Epik can presumably suspend or cancel any hosting account at any time for ToS violations.


Anyone looking to invest in or join Epik would of course want to be sure the ToS were being enforced to avoid scandal and mistrust, and harm to third parties.
 
2
•••
Your kitchen-sink rhetoric is so obvious. Serious question: why are you such a ding-dong? Keep it up and you too will go to my ignore list. You are just about there.

As for tech leadership, I have been working with computers since I was around 8 years old. My Dad was a Professor of Computer Science. My relationship with computers dates back to paper tape and 300-baud. I have worked with computers for my entire life. My first job at P&G was as a Systems Analyst. I wrote the first version of the software of the company called GMI which we sold for more than $100 million cash.

As for Epik, my primary technical duty at Epik since 2009 was what some might call "vision casting," which is very much on display. In general, I delegate responsibility and authority to people who I trust to do a good job in their assigned areas. That said, we have already acknowledged that some acquired was old. That does not change the fact that we out-innovated every other company in the industry. And we still do.

Looking ahead, the appointment of an "Office of the CTO" is a statement of commitment that the full scope of Epik has arguably become too big for any one "normal" person to keep in their head. In addition to ongoing appetite for (technology) acquisitions, our direct investment in software development is running at an all-time high, and I don't see any slowdown in sight.

Oh, no. I might be on Rob's ignore list. That is not much of a threat.

A "free speech" warrior who needs to block someone else for saying things they don't like. :)

The proof is in the pudding. You are the only board member and majority shareholder.
Whose fault is it then? There is no one else to blame for the "shitty Russian code" and poor security protocols.

Using decade old "shitty code" = innovation?

Brad
 
1
•••
There are actually multiple versions that appeared in various bibles over the years, you picked one of them.

I just gave you the relevant abridged version of it. You clearly understand the point.

Brad

No, you are missing an essential point. The secular proverb misses essential subtlety.

Check out the Masoretic source text sometime and you will see the source from which translations draw:

https://www.blueletterbible.org/kjv/pro/16/18/t_conc_644018

Good for you though. Proverbs and Psalms are excellent. Proverbs 16 is a personal favorite -- it is packed with life wisdom. Check it out sometime.
 
1
•••
Two questions for @Rob Monster:

- Is Vitaliy Opryshko still Head Of Software Development at Epik dot com?

- Are you still in business with Kenn Palm?
 
4
•••
Two questions for @Rob Monster:

- Is Vitaliy Opryshko still Head Of Software Development at Epik dot com?

- Are you still in business with Kenn Palm?

Wow, Kenn Palm. That name sure brings back some old memories.

InTrust Domains really was at the forefront of bulk / automated domain sales spam. Then Epik acquired them.

Brad
 
2
•••
Thank you for removing the site in question. I am genuinely grateful.

The reality is that the people he was profiling were not lovely people. They may become more lovely in the future. If they don't then one can assume that other Joeys will emerge when thugs overreach.

During the grace period, we were assured that there were no TOS violations, and that the content was lawful public records. What we did not do was a blanket takedown as there was no court order.

There is a place for whistleblower sites. I philosophically have no problem with them so long as the content that is published is lawful and not willful dis-info.

For the record, I consider your Wikipedia article to be disinfo, mainly because it catalogs factually inaccurate articles with no editorial balance. Don't worry though, people are noticing, e.g. this today:


You can spare me circular reasoning. I am on to more productive things but wish everyone a blessed weekend.
 
0
•••
The reality is that the people he was profiling were not lovely people. They may become more lovely in the future. If they don't then one can assume that other Joeys will emerge when thugs overreach.

During the grace period, we were assured that there were no TOS violations, and that the content was lawful public records. What we did not do was a blanket takedown as there was no court order.

Assured... by who? Joey Camp? Which public records described all of these people as pedophiles and sex pests? Or described me as addicted to drugs? You've already made it clear through multiple statements that you think the doxing, defamation, harassment, and threats are deserved by people you do not think are "honorable" or "lovely". This extends to their families as well?

You may be interested to know that Joey Camp has already moved his doxing site that you just took down to another domain registered by Epik. I will send it to you in a DM. Do you see the problem here? [Update 1:11am ET: It seems this domain is now redirecting elsewhere—this seems to have been a change by Joey Camp rather than an action by Epik.] [Update 1:27 am ET: The doxing site is back up at this Epik-registered domain. You can imagine how much I am enjoying spending my Friday night keeping an eye on this.]
 
5
•••
The reality is that the people he was profiling were not lovely people. They may become more lovely in the future. If they don't then one can assume that other Joeys will emerge when thugs overreach.

During the grace period, we were assured that there were no TOS violations, and that the content was lawful public records. What we did not do was a blanket takedown as there was no court order.

There is a place for whistleblower sites. I philosophically have no problem with them so long as the content that is published is lawful and not willful dis-info.

For the record, I consider your Wikipedia article to be disinfo, mainly because it catalogs factually inaccurate articles with no editorial balance. Don't worry though, people are noticing, e.g. this today:


You can spare me circular reasoning. I am on to more productive things but wish everyone a blessed weekend.

Wow, so they were not lovely people, according to you. Your opinion is just that, an opinion.

In my opinion you are getting dangerously close to a tacit endorsement of some of these disgusting actions. It sure sounds like "It is ok, because they are not lovely people."

The harassment, intimidation, and doxxing of @Molly White though is not acceptable. Do you think it was?

It sounds like you are ready to take another shot at the Wikipedia article, and make a clown of yourself again.

Brad
 
1
•••
It sounds like you are ready to take another shot at the Wikipedia article, and make a clown of yourself again.

Did he ever point out what the inaccurate information would be in the Wikipedia article or does he just stick to these generic complaints?
 
4
•••