Anonymous hacktivists attacked into the database of the domain registrar and hoster Epik, which was previously often criticized for hosting right-wing sites including 8chan, Gab, Parler and The Donald. The data stolen from the hoster (more than 180 GB) was published in torrent format and, according to hackers, it contains information from the last decade.
The hack, which, judging by the time marks, is dated February of this year, was announced by the hackers on a special website, as well as on 4chan.
This hack was carried out by the hacktivists as part of the #OperationJane campaign, which is directed against the recently passed Texas “heartbeat law“, which severely restricts women’s right to abortion. Earlier, as part of this operation, Anonymous defaced the website of the Texas Republican Party, which was involved in promoting the controversial law.
— Operation Jane (@OperationJane) September 3, 2021
The Record reports that a person associated with Anonymous provided a full copy of the dump at the disposal of the editors, and the study of this database only confirms all the hackers’ claims. For example, a 32 GB torrent file hosted on the DDoSecrets portal includes several SQL database dumps, which contain gigabytes of confidential information, including information about domain owners and transactions, account data, and a large collection of various personal data.
Most of the archived data contained exactly what the hackers were talking about: SSH keys, source codes, mailbox contents, and many private keys that neither hackers nor journalists were able to associate with anything in particular.
Anonymous claims that the leak contains information on all domains that have ever been hosted or registered with Epik, but it simply cannot be verified. Instead, The Record reporters called three randomly selected Epik clients whose data was in the dump and verified that the leak contained their real names, email addresses and residential addresses.
At the same time, the hacktivists themselves propose to use the leak not only to denigrate Epik, which supports the radical right, but also urge reporters, activists and information security researchers to study the dump and search it for information about domains associated with government hackers, terrorists and Nazis.
Interestingly, Epik representatives deny the hack:
Anonymous representatives have already laughed at this statement of the company: in response, the hacktivists hacked into the Epik knowledge base and made their own edits to it.
The message ended with a sarcastic statement: “We wrote it all ourselves, and obviously it not a part of the hacked account.” Currently, Epik employees have already removed this page.
You might also be interested in the information that ProxyToken Vulnerability Allows Stealing Mail Through Microsoft Exchange.