Web Hosting Provider Epik Compromised by Hackers

The hacker collective “Anonymous” has announced that they have compromised the internet domain registrar and web hosting provider Epik on September 13th 2021. The hacker collective has reportedly stolen what they claim to be “a decades worth of data” from the service provider and released this data in a torrent for the rest of the internet to see.

Epik is well known for hosting a number of right-winged and far-right domains for organizations such as Parler, 8chan, Gab, BitChute and more recently the Texas Right to Life anti-abortion “whistleblower” website. Anonymous targeted the hosting provider in what it dubs as “Operation Jane” specifically for its support in hosting the whistleblower website. Anonymous posted on the twitter account “Operation Jane” on the 3rd of September that it would be targeting the website and anyone supporting it in a video message.

In the alleged hack claimed by Anonymous, the data leaked appears to contain sensitive information to include credentials for all Epik customers since the data was not hashed properly. By not storing the data as hashes, the information is available in clear text and anyone who is able to successfully compromise the provider would be able to view this information with incredible ease. In places that hashes were implemented, Anonymous further claims that this data was simply hashed with an older algorithm, MD5, and included no salting (an addition step that would further ensure the integrity and security of the data).

While a number of sources are beginning to confirm the data that was leaked in the torrent, including security researchers with Red Team Cafe, more information will eventually be released over time to confirm these claims made by the hacker collective.

Epik is no stranger to the right-wing community these days as more platforms are migrating to the provider to ensure that their services are remain online. Epik first gained internet notoriety in the political spectrum in 2019 when it began hosting the website 8chan.

8chan is an imageboard website that is most known for its hosting of content pertaining to white supremacy, racism, and antisemitism. 8chan was wiped from the internet by the previous host CloudFlare in the wake of the El Paso shooting in 2019 when the manifesto for the shooters was being spread around imageboard website. After Epik began to notice the dangerous implications of the platform and the content that was being hosted on the website, the provider terminated its its service to 8chan. Additionally, Epik ended its relationship with the white supremacist site The Daily Stormer which it had automatically created during its acquisition of BitMitigate. Once Epik realized the connection between BitMitigate and The Daily Stormer, Epik ensured that it was terminated promptly.

US Capitol Police announces six disciplinary cases against officers from  Jan. 6 insurrection - CNNPolitics

Following the Washington DC Capital Riots in 2021, Parler faced similar scrutiny among service providers as organizers used the service to share information about the event as it unfolded and further spread theories about election fraud. Both Google and Apple removed the application from their online app stores as well as Amazon announcing their suspension of Parlers presence on AWS.

Following the events that surrounded Parler, other alternative platforms and right-winged hosts began moving their platforms over to Epik in fear of censorship by the larger hosting providers. Websites such as InfoWars, BitChute, Patriots.win, and more have all found refuge with Epik and have confidence that their platforms are safe from censorship that they claim other providers are enacting on.

Anonymous is no stranger to cyber security breaches and hacking controversies. The infamous hacker collective gains its inspiration from the movie V for Vendetta, the symbol of anonymous being the mask fo the character “V”, anarcho terrorist fighting the corrupt government in the film. Anonymous first gained mainstream fame during its hacktivism campaign in 2008 against the Church of Scientology dubbed “Project Chanology” in which the hacker collective performed denial of service attacks against the church’s web domains. This eventually lead to physical organized protests outside the church in which supporters wore anonymous masks and held signs denouncing the organization.

“Operation Payback” in 2010 saw Anonymous targeting Aiplex Software, an Indian software firm, for making deals with media companies to combat piracy and the spread of pirated copyright material from the industry. Aiplex was alleged to have used Distributed Denial of Service (DDos) techniques to attack hosts of the content such as The Pirate Bay. Anonymous launched its own DDoS against the tech firm essentially shutting down the site. Additionally, Anonymous targeted media groups such as Recording Industry of America and the Motion Picture Associate of America rendering their website down as well.

With the takedown of popular website WikiLeaks by service provider Amazon and payment processors such as MasterCard, Visa and PayPal refusing to process payments to the site, Anonymous launched “Operation Avenge Assange” in which they commenced attacks against PayPal, Visa, MasterCard and even Amazon though unsuccessfully so with the later.

Since then, Anonymous has been participating in a number of smaller campaigns that have gained less exposure. Since Anonymous is a collective of hackers and has no true leadership or organizational structure, it is extremely difficult to take down the group. Additionally, since anyone can claim to be part of the collective or act on behalf of Anonymous, it makes the intentions of the group impossible to map although a majority of the actions have supported free speech, human rights, and a number of anti-government movements.

Author: Christian McLaughlin

Christian is an information security expert working as a security engineer, researcher and penetration tester. He served his country proudly as a sailor in the US Navy for 7 1/2 years before transitioning out into the private infosec field. When not working, he enjoys practicing music, playing video games, or just learning more about computers and technology.