Epik Hack Reveals Owners of Most Notorious Far-Right Sites

A large-scale breach of the domain registrar and web hosting company Epik has exposed a huge trove of data, including the names of the people behind some of the most notorious far-right websites.

The data, as first reported by freelance journalist Steven Monacelli on Monday, was released as a torrent this week by the Anonymous hacking collective.

In a press release about the hack, dubbed Operation EPIK FAIL, Anonymous claimed that it was able to obtain "a decade" of information, including domain registrations and transfers, account credentials and emails from an Epik employee.

"This dataset is all that is needed to trace the actual ownership and management of the fascist side of the Internet that has eluded researchers, activists and, well, almost everyone," the statement alleges.

Subsequently, the journalist group DDoSecrets, which plans to upload and host the data for reporters and researchers, published a compressed version of the torrent.

Epik's clients include social media sites such as Parler and Gab as well as far-right forums such as TheDonald. A pro-life website that urged Texans to report women requesting abortions to the authorities in the wake of the state's abortion decision was also temporarily a client of Epik.

In a statement to Gizmodo on Tuesday, an Epik spokesperson said the company was "not aware of any wrongdoing."

Epik CEO Robert Monster sent customers an email Wednesday acknowledging "an alleged security incident" but did not provide details.

"Our internal team, working with outside experts, has been working diligently to address the situation," Monster wrote. "We are taking proactive steps to resolve the problem. We will update you on our progress."

"You are in our prayers today. We appreciate your support and prayer. When situations arise where people may not have honorable intentions, I pray for them," added Monster. "I believe that what the enemy intends for evil, God invariably transforms into good."

The Daily Dot attempted to contact Monster, whose phone number and Skype username were listed in the breached emails, for comment but did not receive a response.

The Daily Dot's analysis of the data revealed the names, addresses, phone numbers and email addresses of those who registered web domains for a variety of sites related to everything from the QAnon conspiracy theory to forums for supporters of former President Donald Trump. The data was also verified on Wednesday evening by the Record.

The Daily Dot spoke with a person listed as the registrant for TheDonald, an offshoot of a pro-Trump forum banned from Reddit last year, which operates from the Patriots.win domain. The individual confirmed that the information contained in the breach was his, but claimed that he had distanced himself from the site.

The original TheDonald subreddit, which had nearly 800,000 members, was removed by Reddit for repeatedly violating the platform's rules against harassment, hate speech and content manipulation.

The replacement forum on Patriots.win was also embroiled in controversy following the Jan. 6 riot on Capitol Hill after members were found to have discussed hanging and beheading politicians.

Another individual who was listed as running a copycat version of 8chan also confirmed to the Daily Dot over the phone that the information contained in the breach was accurate.

A Linux engineer tasked with conducting an impact assessment on behalf of a customer using Epik's services told the Daily Dot that the breach was one of the worst he had ever seen. The engineer was not allowed by his employer to speak about the breach, and the Daily Dot granted him anonymity.

"They are totally committed from one end to the other," they said. "Perhaps the worst I've seen in my 20-year career."

The engineer pointed out to the Daily Dot what they described as Epik's "complete main database," containing hosting account usernames and passwords, SSH keys, and even some credit card numbers, all stored in plain text.

The data also includes Auth-Codes, access codes required to transfer a domain name between registrars. The engineer stated that with all the data from the leak, which also included admin passwords for WordPress logins, any attacker could easily take over the websites of countless Epik customers.

The Daily Dot was unable to confirm claims made in Anonymous' press release that each and every Epik customer was exposed in the breach.

The analysis suggests that the hacked data runs through February 28, 2021. The publication of the data comes just days after hackers aligned with Anonymous defaced the official website of the Texas Republican Party over new state restrictions on abortion.



* First post: September 16, 2021, 8:07 am CDT

Mikael Thalen

Mikael Thalen is a Seattle-based security and technology reporter covering social media, data breaches, hackers, and more.

