Yes, it appears that the registrar Epik was hacked by a group called Anonymous.
Yes, there was a website at epikfail.win with the info you can see below. (Website is now down.)
Yes, there are a couple of torrents with all the hacked data and thousands of people downloading them.
According to the hackers, the contents include:
- All domain purchases
- All domain transfers in/out
- All whois history
- All DNS changes
- All email forwards, catch-alls, etc
- Payment history (no credit card data)
- Account credentials
- Over 500,000 private keys
- A dump of an employee’s mailbox
- Git repositories
- /home/ and /root/ directories of one of their core systems
Yes, that is all I can say at the moment.
Here is what Rob Monster said in an email today:
“At Epik, we take security and the privacy of your information very seriously. Therefore as a precautionary measure, I am writing to inform you of an alleged security incident involving Epik.
Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress. In the meantime please let us know if you detect any unusual account activity. I am proud of our team’s efforts as we do our part to empower a thriving internet for the benefit of our customers around the world.
You are in our prayers today. We are grateful for your support and prayer. When situations arise where individuals might not have honorable intentions, I pray for them. I believe that what the enemy intends for evil, God invariably transforms into good.
Blessings to you all.
Regards,
Rob Monster
Founder and CEO
Epik Holdings Inc”
This was the content of the website epikfail.win: (I have only removed the link to the torrent with all the hacked data.)
[ASCII-art banner]
OFFICIAL ANONYMOUS (not to be confused with 'Anonymous Official' grifters)
PRESS RELEASE
SEPTEMBER 13, 2021
NOTORIOUS "HACKERS ON ESTRADIOL" PRESENT GRAND REVEAL OF ROB "HITLER SHOULD'VE WON" MONSTER'S EPIK FAILURE
You know, when you name a company "Epik", that implies something really big's going to happen. Deserving of the name. Well, after years of bolstering the worst trash the Internet has to offer, this is, truly, the Epik moment we've all been waiting for.
Contained within this release, the following delicious morsels that will surely be digested for months to come:
A decade's worth of data from the company.
That's right, everybody. Time to find out who in your family secretly ran an Ivermectin horse porn fetish site, disinfo publishing outfit, or yet another QAnon hellhole.
Want to know when a nation-state decided to offer hosting to some domestic terror groups, without those pesky DDoS mitigating reverse proxies getting in your way?
Want to know the identity of the owner of a domain or large set of domains used in yet another influence/information operation?
Decloak origin IPs of nazi websites for further investigation, poking, prodding!
Map out a decade of online fash with a level of clarity nobody has been able to UNTIL NOW!
WHAT YOU GET FOR THE LOW LOW PRICE OF $0.00
* All domain purchases
* All domain transfers in/out
* All whois history, unredacted
* All DNS changes
* All email forwards, catch-alls, etc
* Payment history (no credit card data, don't get excited, FBI, we're not in that game)
* Account credentials for:
  - all Epik customers, hosting, Anonymize VPN, and so on
  - Epik internal systems, servers
  - Epik's GoDaddy logins
...and more!
IN PLAINTEXT!
That's right, Epik barely hashed a damn thing! When we saw hashes, they were merely unsalted MD5
Here's one such sample that made us upset for daring to use "anon":
Rob Monster anon@epik.com robmonster 109d88a0c4a49217c01a36913b034161 (cracked: willem)
Yep, these Russian developers they hired are actually just that bad. They probably enjoyed snooping through all of your shit just as much as we did.
* Over 500,000 private keys. What are they for? Who knows!
* We think we spotted a bunch of Anonymize OpenVPN profiles in this, but we were too disgusted with the above to continue digging.
* A dump of an employee's mailbox, just because we could.
* Git repositories for whatever internal applications!
* SSH keys!
* /home/ and /root/ directories of one of their core systems!
This dataset is all that's needed to trace actual ownership and management of the fascist side of the Internet that has eluded researchers, activists, and, well, just about everybody.
And maybe have a little extra fun. For the lulz.
Is it possible to own a company as hard as this? We sure love to see it. Good luck with the rebrand, Robby boy.
Herd u liek mudkipz.
Monero tips for the inevitable legal bills, for when the FBI kicks down OVER 9000 doors after this utterly embarrasses everyone and outs one or more of their poorly thought out stochastic terrorism plots (GOOD LUCK WE'RE BEHIND SEVEN PROXIES)
49fTMEjqSZW5qKrJLwKjJZ2MHVYCbvsPo1ikwtxQTW66V3VTijgtJdFCukcKvvCnX7GYMqfgEVBGeQ4XJ1b6b45SQcfRCaq
Support your starving hacktivists, and they will bless you in turn.
So long, for now!
Support #OperationJane and mess with Texas today! Abortion is a human right!
Download OperationEpikFail.torrent
There's no use in denial, Rob Monster.
We are Anonymous
We are Legion
We do not Forgive
We do not Forget
< EXPECT US >
The Internet Hate Machine hates fascists.
Signed, [ASCII-art signature]
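The release above says credentials were stored in plaintext or as unsalted MD5. As an added example (not code from the original article, the release, or Epik), this Python example shows the defensive remedy: classifying stored credentials by format and re-hashing weak records with a per-user salt and PBKDF2 at the next successful login. The record format, function names, work factor and sample table are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 600_000                      # assumed work factor for PBKDF2-HMAC-SHA256
MD5_HEX = re.compile(r"[0-9a-f]{32}")     # shape of a bare, unsalted MD5 digest

def hash_password(password: str) -> str:
    """Return 'pbkdf2_sha256$<iters>$<salt>$<digest>' using a fresh random salt."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"

def classify(stored: str) -> str:
    """Label a stored credential by format (heuristic: 32 hex chars is treated as MD5)."""
    if stored.startswith("pbkdf2_sha256$"):
        return "salted-kdf"
    return "unsalted-md5" if MD5_HEX.fullmatch(stored) else "plaintext"

def verify_and_upgrade(password: str, stored: str):
    """Check a login attempt; on success, return a salted-KDF record to store instead."""
    kind = classify(stored)
    if kind == "salted-kdf":
        _, iters, salt, digest = stored.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt), int(iters))
        return hmac.compare_digest(dk.hex(), digest), stored
    if kind == "unsalted-md5":
        candidate = hashlib.md5(password.encode()).hexdigest()
    else:
        candidate = password
    ok = hmac.compare_digest(candidate.encode(), stored.encode())
    return ok, (hash_password(password) if ok else stored)

def audit(table: dict) -> dict:
    """Count stored credentials per format so weak records can be tracked to zero."""
    counts = {"salted-kdf": 0, "unsalted-md5": 0, "plaintext": 0}
    for stored in table.values():
        counts[classify(stored)] += 1
    return counts

# Constructed sample table (not from the leak): two users share one password.
SAMPLE = {
    "alice": hashlib.md5(b"constructed-pass-1").hexdigest(),
    "bob": hashlib.md5(b"constructed-pass-1").hexdigest(),
    "carol": "constructed-pass-2",
}

if __name__ == "__main__":
    print(audit(SAMPLE))
    ok, SAMPLE["alice"] = verify_and_upgrade("constructed-pass-1", SAMPLE["alice"])
    print(ok, audit(SAMPLE))
```

Accounts that never log in again keep their weak record, so the audit count is what shows when a forced password reset is still needed.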
Original article: Epik was hacked – OnlineDomain.com