Anonymous: We've leaked disk images stolen from far-right-friendly web host Epik

Latest data dump also apparently contains 'a wide range of passwords and API tokens'


Entities using the name and iconography of Anonymous (EUTNAIOA) claim to have leaked server disk images extracted from Epik – the controversial US outfit that has provided services to far-right orgs such as the Oath Keepers and Gab, provided a home to social-network-for-internet-outcasts Parler, and hosted hate-hole 8chan.

Epik made a virtue of providing such services. In a blog post defending its decision to operate Gab’s domain name after GoDaddy declined to do so, Epik CEO Rob Monster argued it was a free speech issue, and said deplatforming companies is both censorship and a violation of inalienable rights.

EUTNAIOA earlier leaked 180GB of data it said it siphoned from Epik servers, plenty of it detailing the activities of far-right groups such as The Proud Boys and the ridiculous QAnon mob. This included personally identifiable information, domain ownership records, account credentials and SSH keys, internal Git repos, payment histories, and more.

The hacktivist collective justified the release of stolen data on the grounds it exposed racists, and dubbed the operation: Epik Fail.

That document dump was shared around the internet and was widely assessed as authentic. At least one Epik customer identified in the leaked files – a Florida estate agent – was fired as a result of the leak; it emerged he had tried to register domains such as theholocaustisfake.com via the web biz.

This latest super-dump of stolen Epik data was first reported by the Daily Dot on Wednesday after EUTNAIOA shared the information as a torrent.

One of the publication's reporters tweeted a partial screenshot of the collective's announcement of the leak, and detailed some of its contents.

We're told the dump is a 70GB archive of files and “several bootable disk images of assorted systems” that represent Epik's server infrastructure. Journalist Steve Monacelli, who broke the news of the first data release, said the latest leak expands to 300GB.

"This leak appears to be fully bootable disk images of Epik servers, including a wide range of passwords and API tokens," he added.

A security expert who uses the handle "WhiskeyNeon" has posted a video that depicts some of Epik's VMs in action.

And that’s all that’s made it into public view at this time, it appears.

The Distributed Denial of Secrets collective, which is separate to EUTNAIOA and helped spread the initial leak, said those who ransacked Epik's systems had claimed to have obtained “bootable disk images.”

After the first release of data, Epik CEO Monster conducted a video chat session in which he claimed the data was likely sourced from a backup that was “intercepted,” but didn’t elaborate.

Whatever the data dump contains, and however it was obtained, interest in the data trove is enormous because it is felt to offer extraordinary insights into how far-right groups operate.

And as FBI director Christopher Wray said in a March statement to the United States' Senate Judiciary Committee, the Feds consider the top threat the nation faces from domestic violent extremists to be “those we identify as racially or ethnically motivated violent extremists, specifically those who advocate for the superiority of the white race.”

Epik happily hosts services and individuals who hold those views. ®

