Epik domains

Yes, it appears that the registrar Epik was hacked by a group called Anonymous.

Yes, there was a website at epikfail.win with the info you can see below. (Website is now down.)

Yes, there are a couple of torrents with all the hacked data and thousands of people downloading them.

According to the hackers, the contents include:

  • All domain purchases
  • All domain transfers in/out
  • All whois history
  • All DNS changes
  • All email forwards, catch-alls, etc
  • Payment history (no credit card data)
  • Account credentials
  • Over 500,000 private keys
  • A dump of an employee’s mailbox
  • Git repositories
  • /home/ and /root/ directories of one of their core systems

Yes, that is all I can say at the moment.

Here is what Rob Monster said in an email today:

“At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.

Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.

You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.

Blessings to you all.

Regards,

Rob Monster
Founder and CEO
Epik Holdings Inc”

This was the content of the website epikfail.win: (I have only removed the link to the torrent with all the hacked data.)

*****************************************************************************************
________                                     __   .__
_____    ______    ____  _______ _____   _/  |_ |__|  ____    ____
 /   |    ____  _/ __  _  __ __       __|  | /  _   /    
/    |    |  |_> >  ___/  |  | / / __ _ |  |  |  |(  <_> )|   |  
_______  /|   __/  ___  > |__|   (____  / |__|  |__| ____/ |___|  /
        / |__|         /              /                         /
 ________   _______    _____   ___  ____      ________        _        _____    _____
|_   __  | |_   __   |_   _| |_  ||_  _|    |_   __  |      /       |_   _|  |_   _|
  | |_ _|   | |__) |   | |     | |_/ /        | |_ _|     / _        | |      | |
  |  _| _    |  ___/    | |     |  __'.        |  _|       / ___       | |      | |   _
 _| |__/ |  _| |_      _| |_   _| |   _     _| |_      _/ /    _   _| |_    _| |__/ |
|________| |_____|    |_____| |____||____|   |_____|    |____| |____| |_____|  |________|

*****************************************************************************************

OFFICIAL ANONYMOUS (not to be confused with 'Anonymous Official' grifters) PRESS RELEASE
SEPTEMBER 13, 2021
NOTORIOUS "HACKERS ON ESTRADIOL" PRESENT GRAND REVEAL
OF ROB "HITLER SHOULD'VE WON" MONSTER'S EPIK FAILURE

You know, when you name a company "Epik",
that implies something really big's going to happen.
Deserving of the name.
Well, after years of bolstering the worst trash the Internet has to offer,
this is, truly, the Epik moment we've all been waiting for.

Contained within this release, the following delicious morsels
that will surely be digested for months to come:

A decade's worth of data from the company. That's right, everybody.

Time to find out who in your family secretly ran an Ivermectin horse porn fetish site,
disinfo publishing outfit, or yet another QAnon hellhole.

Want to know when a nation-state decided to offer hosting to some domestic terror groups,
without those pesky DDoS mitigating reverse proxies getting in your way?
Want to know the identity of the owner of a domain or large set of domains
used in yet another influence/information operation?
Decloak origin IPs of nazi websites for further investigation, poking, prodding!
Map out a decade of online fash with a level of clarity nobody has been able to UNTIL NOW!

WHAT YOU GET FOR THE LOW LOW PRICE OF $0.00

* All domain purchases
* All domain transfers in/out
* All whois history, unredacted
* All DNS changes
* All email forwards, catch-alls, etc
* Payment history (no credit card data, don't get excited, FBI, we're not in that game)
* Account credentials for:
  all Epik customers, hosting, Anonymize VPN, and so on
  Epik internal systems, servers
  Epik's GoDaddy logins
  ...and more! IN PLAINTEXT! That's right, Epik barely hashed a damn thing!
  When we saw hashes, they were merely unsalted MD5
  Here's one such sample that made us upset for daring to use "anon":
    Rob Monster anon@epik.com robmonster 109d88a0c4a49217c01a36913b034161 (cracked: willem)
  Yep, these Russian developers they hired are actually just that bad.
  They probably enjoyed snooping through all of your shit just as much as we did.
* Over 500,000 private keys. What are they for? Who knows!
* We think we spotted a bunch of Anonymize OpenVPN profiles in this,
  but we were too disgusted with the above to continue digging.
* A dump of an employee's mailbox, just because we could.
* Git repositories for whatever internal applications!
* SSH keys!
* /home/ and /root/ directories of one of their core systems!

This dataset is all that's needed to trace actual ownership and management of the fascist side
of the Internet that has eluded researchers, activists, and, well, just about everybody.
And maybe have a little extra fun. For the lulz.

Is it possible to own a company as hard as this? We sure love to see it.
Good luck with the rebrand, Robby boy. Herd u liek mudkipz.

Monero tips for the inevitable legal bills, for
when the FBI kicks down OVER 9000 doors after this utterly
embarrasses everyone and outs one or more of their
poorly thought out stochastic terrorism plots
(GOOD LUCK WE'RE BEHIND SEVEN PROXIES)

49fTMEjqSZW5qKrJLwKjJZ2MHVYCbvsPo1ikwtxQTW66V3VTijgtJdFCukcKvvCnX7GYMqfgEVBGeQ4XJ1b6b45SQcfRCaq

Support your starving hacktivists, and they will bless you in turn.

So long, for now! Support #OperationJane and mess with Texas today!
Abortion is a human right!

Download OperationEpikFail.torrent

There's no use in denial, Rob Monster.

We are Anonymous
We are Legion
We do not Forgive
We do not Forget
 ___________
< EXPECT US >
 -----------
           ^__^
           (oo)_______
            (__)       )/
                ||----w |
                ||     ||

The Internet Hate Machine hates fascists.

Signed,

              )      )       )       )     *         )            (
   (       ( /(   ( /(    ( /(    ( /(   (  `     ( /(            ) )
   )      )())  )())   )())   )())  )))(    )())      (   (()/(
((((_)(   ((_)  ((_)   ((_)   ((_)  ((_)()  ((_)       )   /(_))
 ) _ )   _((_)   ((_)   _((_) __ ((_) (_()((_)   ((_)   _ ((_) (_))
 (_)_(_) | | |  / _   | | |   / / |  /  |  / _   | | | | / __|
  / _    | .` | | (_) | | .` |   V /  | |/| | | (_) | | |_| | __ 
 /_/ _  |_|_|  ___/  |_|_|   |_|   |_|  |_|  ___/   ___/  |___/
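
The release above claims that stored credentials were plaintext or unsalted MD5. As an added example (not part of the original article or of the quoted release), the sketch below shows why unsalted MD5 is weak and one way to protect such a table at rest without waiting for users to log in: wrap each legacy digest in scrypt with a per-user salt. The `scrypt-md5$` record format, the function names and the sample rows are assumptions made for this example.

```python
import hashlib
import hmac
import os
import re

MD5_HEX = re.compile(r"[0-9a-f]{32}")
PREFIX = "scrypt-md5"  # record tag invented for this example


def _scrypt(data: bytes, salt: bytes) -> bytes:
    # Memory-hard KDF from the standard library; parameters are a common baseline.
    return hashlib.scrypt(data, salt=salt, n=2**14, r=8, p=1, dklen=32)


def classify(stored: str) -> str:
    """Label a stored value by shape; a real schema should record the scheme explicitly."""
    if stored.startswith(PREFIX + "$"):
        return "wrapped"
    if MD5_HEX.fullmatch(stored.lower()):
        return "unsalted-md5"
    return "plaintext-or-unknown"


def wrap_legacy_md5(md5_hex: str) -> str:
    """Protect a legacy digest at rest: scrypt(md5_hex, random per-user salt)."""
    salt = os.urandom(16)
    digest = _scrypt(md5_hex.lower().encode(), salt)
    return "$".join([PREFIX, salt.hex(), digest.hex()])


def verify(password: str, stored: str) -> bool:
    """Check a login attempt against either a legacy or a wrapped record."""
    inner = hashlib.md5(password.encode()).hexdigest()
    kind = classify(stored)
    if kind == "unsalted-md5":
        return hmac.compare_digest(inner, stored.lower())
    if kind == "wrapped":
        _, salt_hex, dk_hex = stored.split("$")
        candidate = _scrypt(inner.encode(), bytes.fromhex(salt_hex))
        return hmac.compare_digest(candidate.hex(), dk_hex)
    return False


# Constructed sample rows: two accounts that happen to share one password.
LEGACY = {u: hashlib.md5(b"Tr0ub4dor&3").hexdigest() for u in ("alice", "bob")}
MIGRATED = {u: wrap_legacy_md5(h) for u, h in LEGACY.items()}

if __name__ == "__main__":
    # Unsalted: identical digests expose password reuse and allow one lookup for all.
    print("legacy digests equal:  ", LEGACY["alice"] == LEGACY["bob"])
    # Salted and wrapped: every record differs and each guess costs a scrypt call.
    print("wrapped records equal: ", MIGRATED["alice"] == MIGRATED["bob"])
    print("login still verifies:  ", verify("Tr0ub4dor&3", MIGRATED["alice"]))
```

Wrapping is a stopgap: at each user's next successful login, rehash the password directly with the KDF and drop the MD5 layer.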


Original article: Epik was hacked – OnlineDomain.com
