- Experts say it can take years to properly analyze massive data dumps
- This includes the names, passwords and addresses of administrators of remote sites
- They all used Epic, a Washington-based web host founded by Rob Monster.
- Epic has hosted websites such as 8chan, The Daily Stormer, Gab, and Parlor
- According to hackers, the domain registrar’s weak security standards have left its customers vulnerable
- Anonymous published 150 GB of data for public download on 13 September, urging researchers to explore the ‘worst garbage the Internet has to offer’.
- The leak has already identified some far-right activists
- According to a data analysis by the Daily Dot, Ali Alexander tried to hide his involvement in the January 6 protests shortly after the fatality of the Capital riots.
Hacker group Anonymous has released a vast collection of names, passwords and addresses of far-right website administrators, in what experts are calling the ‘Panama Papers of hate groups’.
The intrusion targeted Epic, a Washington-based domain registrar that provides a safe haven to far-right websites, some of which were turned away from more mainstream web hosting services.
150 gigabytes of data are the ‘who’s what’ of the internet – and real life – trolls. Epic has hosted QAnon home base 8chan, neo-Nazi news site The Daily Stormer, and far-right social media platform Gab & Parlor.
Experts say that filtering large amounts of data can take years.
‘It’s massive. This may be the biggest domain-style leak I’ve seen and, as an extremism researcher, it’s certainly the most interesting,’ explains Elon University computer science professor Megan Squire Washington Post.
‘It’s an embarrassment of wealth – stress over embarrassment.’
The anonymous data breach targeted Epic, a domain registrar known for hosting websites that promote far-right conspiracy theories such as QAnon. Above, the 2020 QAnon rally in New York
Epic was also used by Ali Alexander, a far-right activist who allegedly tried to hide his involvement in websites promoting the January 6 protests before the Capitol riots began.
there was a violation previously reported By freelance reporter Steven Monacelli on September 13.
Earlier this month, Epic briefly hosted the ProLifeWhistleblower.com website, which was taken down by GoDaddy because it asked for the names of doctors who performed abortions in defiance of Texas’ new restrictive pro-life law.
Epic was founded in 2009 by Rob Monster, who has defended his work as keeping the Internet free and open.
The data leak revealed a lack of cybersecurity under Epic, which some say should be better addressed given the sensitive content it hosts.
Anonymous made the data available for download with a note saying it would help researchers track ownership and management of “the worst garbage the Internet has to offer.”
The files include years of website purchase records, internal company emails, and customer account credentials detailing who manages some of the world’s biggest far-flung websites.
The data includes client names, home addresses, email addresses, phone numbers and passwords.
Ali Alexander, an activist who organized rallies because of the January 6 Capitol riots, tried to hide the creation of his ‘Stop the Steel’ websites after the riots.
Epic was founded by Robert Monster in 2009. It is located in a suburb of Seattle, Washington
According to technical site analysis, several domains of the Epic leak are directly linked to Alexander. daily dot.
‘A lot of the research begins with the naming,’ said Emma Best, co-founder of the whistleblower group Distributed Denial of Secrets, which compared the leaks to the Panama Papers, a 2016 release of more than 11 million documents from Panamanian law firm Mossack Fonseca. There was a leak. This shows where the rich hide their money.
“There’s a lot of optimism and a sense of being overwhelmed, and people know they’re in the long haul with some of this data,” she told the Washington Post.
A Twitter account by the handle @epikfailsnippet is already posting unverified disclosures from the breach, including the name of a Proud Boys forum administrator who is a former employee of Drexel University.
The Proud Boys are a neo-fascist extremist group that believes that According to the International Center for Counter-Terrorism, men and Western culture are under attack. He has been banned from Facebook, Instagram, Twitter and YouTube.
A former Epic employee told Bloomberg Businessweek That he left after company founder Monster opened a meeting by asking his employees to watch a video of the 2019 Christchurch mosque shootings in New Zealand that killed 51 people, adding that the video would prove they were fake.
Two days after hackers announced the breach, Monster said in an email to customers that the company had been the victim of an “alleged security incident” and asked customers to report any “unusual account activity.”
‘You are in our prayers today,’ Monster wrote last week.
‘When situations arise where individuals may not have good intentions, I pray for them. I believe that the enemy who wants to do evil, God always turns into good. Blessings to you all.
Monster addressed the leak in a live stream last week, saying: ‘If you have a negative intention to use that data, it won’t work for you. I’m just telling you. If the demon tells you to do so, the demon is not your friend.’
The hack also exposed anonymously personal records, a privacy service Epic offered to customers who, ironically, wanted to hide their identities.
The Federal Trade Commission has previously imposed financial penalties on companies that did not take adequate steps to protect their customers.
In 2016, dating website Ashley Madison had to pay $1.6 million to settle an FTC investigation and state charges related to a 2015 major data breach that exposed the identities of its clients, many of whom were married and their There were cases.
David Vladeck, the FTC’s former head of consumer protection, said: “Given Epic’s security and the scope of its web hosting, I think it would be an FTC target, especially if the company was warned, but unable to take protective action.” failed. Bureau, told the Washington Post.
‘I would add that the FTC will not care about the content – right wing or left wing; The questions would be the potential magnitude and impact of the breach and representations … the company may have done about security.’