Link to tweet

"We're not that stupid. It's (the hack) as bogus as covid19 and 5G".

If the reply from ownership is any indication, I think "anonymous" has struck gold.

It's fairly common knowledge who owns these sites anyway. If they truly did get all the user information though, it could be a massive score.

but I have yet to see any documents, when are they going to be made public? what are they waiting for?

They altered the knowledge base to make fun of Epik's denial that they had been breached.

From the article:

"Anonymous also tampered with Epik's knowledge base to mock the company's denial of the breach.

"On September 13, 2021, a group of kids calling themselves 'Anonymous', whom we’ve never heard of, said they manage[d] to get a hold of, well, honestly, all our data, and then released it," said the altered knowledge base, as seen in an archived copy. "They claim it included all the user data. All of it. All usernames, passwords, e-mails, support queries, breaching all anonymization service[s] we have. Of course it’s not true. We’re not so stupid we'd allow that to happen."

https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/


That said, I can see how you would think that came from Epik as their actual response to the breach was so utterly stupid that it makes the KB article believable.

"We are not aware of any breach. We take the security of our clients' data extremely seriously, and we are investigating the allegation," an Epik representative told Ars."

That came the day after Anonymous announced the hack. When I saw Epik's response, it was obvious to me that they had been pwned. Badly. And they didn't even know it (yet).

In this case though, these people are traitors to their country, publish their names and actions.

It was wrong when the DNC was hacked and it is wrong now.

Last edited Thu Sep 16, 2021, 06:17 PM - Edit history (1)

#OperationJane. Anonymous has been telling Texas to expect them.

No wonder they're the last place on earth for criminals and scum.

"Time to find out who in your family secretly ran an Invermectin horse porn fetish site."

forward to finding out whose uncles are running ivermectin porn sites? Anyone in our neighborhood? I found news on the hack of TX Republican Party's site, but I don't think that's quite what is meant by "the far-right's most notorious websites," even if it does qualify in my mind.

Anonymous always brings to mind a long-term interest, btw, the 2016 campaign against the Democratic Party (supposedly addressed to Evil Witch Hillary) that they were about to release evidence of our candidate's crimes that would destroy her. While they're releasing stuff, might that finally turn up?

"“You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them,” Monster added. “I believe that what the enemy intends for evil, God invariably transforms into good.”"

Dude - you have dishonorable intentions and you are the enemy. Maybe, just maybe, this hack is God transforming your evil into good!

that the top .1% is waging against the rest of humanity then perhaps some good comes from it

This is fundamental dynamic that colors all the other issues and makes progress harder. Doing something about it has proven very very difficult, due to the 50 year head start and 90% of the money the top .1% has

For example, it might enable some very targeted and painful boycotts.

weeks before they were breached.

"TechCrunch has since learned that Epik was warned of a critical security flaw weeks before its breach.

Security researcher Corben Leo contacted Epik’s chief executive Monster over LinkedIn in January about a security vulnerability on the web host’s website. Leo asked if the company had a bug bounty or a way to report the vulnerability. LinkedIn showed Monster had read the message but did not respond.

Leo told TechCrunch that a library used on Epik’s WHOIS page for generating PDF reports of public domain records had a decade-old vulnerability that allowed anyone to remotely run code directly on the internal server without any authentication, such as a company password.

“You could just paste this [line of code] in there and execute any command on their servers,” Leo told TechCrunch.

More at https://techcrunch.com/2021/09/17/epik-website-bug-hacked/

I'm not sure if that's the vulnerability that Anonymous used to breach their servers but, at any rate, if they had a vulnerability that old that they hadn't bothered to take care of, there's a REALLY good chance that it wasn't the only one. Sounds like they were easy pickings.