alert Epik Had A Major Breach

Silentptnr

The views expressed on this page by users and staff are their own, not those of NamePros.
The lack of explanation and meaningful guidance has gone on for a long time now. For concerned Epik customers who want to better educate themselves about, and arm themselves against, potential attack vectors, I've been sorting out a few resources over the past few days. You can find them in the Technology section of NamePros.

https://www.namepros.com/forums/technology.249/
 
•••
The lack of explanation and meaningful guidance has gone on for a long time now. For concerned Epik customers who want to better educate themselves about, and arm themselves against, potential attack vectors, I've been sorting out a few resources over the past few days. You can find them in the Technology section of NamePros.

https://www.namepros.com/forums/technology.249/

Very impressive. Lots of research. Great job.
 
•••
CNN just reached out to me regarding an in-depth investigation into Rob Monster.

It's nowhere near over yet.
 
•••
CNN just reached out to me regarding an in-depth investigation into Rob Monster.

It's nowhere near over yet.

Keep us posted so we can tune in.
 
•••
CNN just reached out to me regarding an in-depth investigation into Rob Monster.

It's nowhere near over yet.

You may want to contact @Derek Peterson

He is also currently in contact with CNN, he said earlier in this thread.
 
•••
Wow CNN is reading our forum.

•••
More mentions of OverOptic Systems in this article last month:

https://bylinetimes.com/2021/09/08/texa-anti-abortion-bounty-hunting-website-now-hosted-in-the-uk/

Website registration records indicate the IP now associated with the URL Prolifewhistleblower.com is associated with UK-based Overoptic Systems LTD, which also does business by the name HQHost. Overoptic Systems only has one listed corporate director and their address is in Crimea. At the time of publication, Overoptic Systems had not returned a request for comment.

Records also indicate these IP addresses are linked to a New Jersey-based company called NatCoWeb Corp. They also show that NatCoWeb hosts extremist content, including a forum for the 3 Percenter right-wing extremist group and two websites for the Alliance Defending Freedom, a Christian nonprofit labelled by the Southern Poverty Law Center as a hate group. Little can be found about NatCoWeb Corp online. It doesn’t list corporate officers and doesn’t appear in New Jersey state corporate registration lookups. At the time of publication, NatCoWeb had not returned a request for comment.

Whois records of the IP address associated with Prolifewhistleblower.com also show Anonymize Inc. as the privacy administrator. NatCoWeb Corp and Anonymize Inc. appear to have a number of links. The bulk of the IPs on the NatCoWeb Corp server list Anonymize Inc as their privacy administrator. Anonymize is a wholly-owned subsidiary of Epik.
 
•••
Records also indicate these IP addresses are linked to a New Jersey-based company called NatCoWeb Corp. They also show that NatCoWeb hosts extremist content, including a forum for the 3 Percenter right-wing extremist group and two websites for the Alliance Defending Freedom, a Christian nonprofit labelled by the Southern Poverty Law Center as a hate group. Little can be found about NatCoWeb Corp online. It doesn’t list corporate officers and doesn’t appear in New Jersey state corporate registration lookups. At the time of publication, NatCoWeb had not returned a request for comment.

Whois records of the IP address associated with Prolifewhistleblower.com also show Anonymize Inc. as the privacy administrator. NatCoWeb Corp and Anonymize Inc. appear to have a number of links. The bulk of the IPs on the NatCoWeb Corp server list Anonymize Inc as their privacy administrator. Anonymize is a wholly-owned subsidiary of Epik.

A certified network engineer who analyzed these web records for the Byline Times believes that, despite the seeming switch in IP records, Epik could still be providing IP hosting in some regard.
 
•••
Steven Monacelli pressed Monster on it during the Q&A, but Monster dodged:

Monacelli, YT0:53:44: I asked you for clarification. If you can provide me with the exact understanding of why all of these things are pointing to Overoptic systems, NatCoWeb Corp, and Tinhat, I don’t understand these connections and that’s why I called you. But since you were unwilling to provide me any clarity regarding those connections, I reported on what is publicly available information.

Monster, YT0:54:08: Yeah, I mean the problem is that so much of the content that is out there, like Huffington Post and like, a whole list. Like you go look to the Wikipedia page… I mean, do you guys get how subverted Wikipedia is? You realize how much of a globalist tool that thing has become? You get that? Is that, like, lost on people?

Monacelli, YT0:54:28: So I’m not talking about Wikipedia. I’m talking about the web domain registration that I was able to link, and I explained to you over the phone…

Monster: Steve. Steve. I’m gonna get that page taken down, alright? Alright?
 
•••
OVEROPTIC SYSTEMS LTD was incorporated on 14 March 2013 in the U.K. and the only public information available is the name of one appointed director, his address and nationality. He's a Ukrainian citizen from Crimea.
 
•••
OVEROPTIC SYSTEMS LTD was incorporated on 14 March 2013 in the U.K. and the only public information available is the name of one appointed director, his address and nationality. He's a Ukrainian citizen from Crimea.

Sometimes it is hard to tell the difference between nefarious and a useful idiot.

You can see how many shady connections have already been made. This tangled web will continue to be unraveled.

Brad
 
•••
By the way.
0 domains were lost, but I'm sure they could have stolen some, if they wanted to.

For example, all credentials were obtained.
Some use the same password everywhere.
Had hackers wanted, they would have searched using automated tools, stolen emails, then all domains linked to those emails.
Silently, before leaking the data.
They simply didn't choose to.

Even without credentials, I'm sure they could have done much more damage, had they intended to.

Either they didn't want to hurt us / didn't want to touch people's property and have the FBI go after them in a meaner way, or they didn't want to appear as bad guys.

Either way we're lucky (I guess).
 
•••
So if we can't get news from CNN or from Rob Monster, where can we get the latest on the Epik hack fallout? NP seems like a pretty good source.

Well, Twitter has always been the main source where things around the Epik data breach get published, announced, and analyzed, but it is spread over many accounts. It is not immediately easy for the layman to estimate which sources are reliable. Some new Twitter accounts that publish about the data breach are just one month old and have valuable information. On the darkweb, Epik is discussed as well.

The established leaders (influencers) in the infosec community with a large reach are also starting to delve into this, mainly because this case is fairly unique and high-profile, with cybersec, APT and politics involved. They have previously been analyzing C2 infrastructures and now see puzzle pieces coming together. Epik seems to play a central role in this ecosystem. Data from the Epik leaks is combined with other investigative sources like data from ICIJ, in order to map the relations (including financial) between Epik and other domestic and foreign parties.

On this forum, we just see more structure and additional insights that may help Epik customers and other stakeholders to further understand what seems to be going on at the company, and how they can protect themselves now they are vulnerable.

Some people in this thread have already mentioned that they are in contact with CNN. It looks like CNN Cyber Security Reporter Sean Lyngaas (snlyngaas) is now delving into this. Other journalists, from left to right, have also published about the data breach, but the enormous amount of data has to be interpreted carefully before final conclusions can be drawn.
 
•••
It is not immediately easy for the layman to estimate which sources are reliable.

On this forum, we just see more structure and additional insights that may help Epik customers and other stakeholders to further understand what seems to be going on at the company, and how they can protect themselves now they are vulnerable.

Some people in this thread have already mentioned that they are in contact with CNN. It looks like CNN Cyber Security Reporter Sean Lyngaas (snlyngaas) is now delving into this.

It is certainly beneficial for the layman customer to have people like yourself, @Molly White, @Kirtaner, @bmugford, @johnjhacking, and others who are following the news and have reporting skills and other insights post their findings here. NP is like an aggregate of the news on this topic. Hopefully we can keep going until it is resolved.
 
•••
It is certainly beneficial for the layman customer to have people like yourself, @Molly White, @Kirtaner, @bmugford, @johnjhacking, and others who are following the news and have reporting skills and other insights post their findings here. NP is like an aggregate of the news on this topic. Hopefully we can keep going until it is resolved.

Thank you. I agree that people from a lot of different disciplines are now present in this thread, and that's truly rather unique, and very useful.
 
•••

That is a hyperbolical statement that emphasizes the issue. Even if the software wasn't made, if said software hasn't been updated for over 10 years, it basically needs a rewrite to make it secure. You have to implement all the latest server and source code processing updates as they are released. Those are only the basic steps. The least you should do.
 
•••
You couldn't make this stuff up. It's almost the making of a film. Ah someone already did it, called it Swiss Miss...



https://www.imdb.com/title/tt0030824/

Or a soap opera. Did anyone notice that epik.tv sold in May this year for $360?

And on the latest DNJ: DaaZ.com sold epik.in ($2,250) https://www.dnjournal.com/domainsales.htm
Nice for hacks like epik.in/trouble or epik.in/politics.

Earlier epik domain sales:

epik.org 9,644 USD 2014-03-31 Sedo

epik.com 6,944 USD 2007-06-05 Private

https://namebio.com/?s==cDM3YTN2QzM

What value would you give to epik.com now?


Epik.shop is a premium, but in many extensions epik is free and cheap to register, such as .me and .io
 
•••
Epikfail.com is going for 2500
 
•••
Epikfail.com is going for 2500

Although I have to admit that the information provided by Epik is lacking, these kinds of domain names seem to me to have little value. The following domain has a Creation Date of 2021-09-14T17:44:19Z.
