Hackers claim significant Epik breach

Individual(s) calling themselves “OFFICIAL ANONYMOUS” claimed to have dumped the information of all users and employees of Epik, a registrar and hosting service. Including all account credentials, billing information, phone numbers and addresses behind private whois.

Epik’s CEO responded Tuesday,

“We are assessing and don’t have any evidence of any domains compromised. Our team has been diligently assessing the claims and proactively securing systems.”

and on Wednesday,

… “Our internal team, working with external experts, have been working diligently to address the situation. We are taking proactive steps to resolve the issue. We will update you on our progress.” …

Claimed data dump:

"WHAT YOU GET FOR THE LOW LOW PRICE OF $0.00

  • All domain purchases
  • All domain transfers in/out
  • All whois history, unredacted
  • All DNS changes
  • All email forwards, catch-alls, etc
  • Payment history (no credit card data, don’t get excited, FBI, we’re not in that game)
    Account credentials for:
    all Epik customers, hosting, Anonymize VPN, and so on
    Epik internal systems, servers
    Epik’s GoDaddy logins
    …and more! IN PLAINTEXT! That’s right, Epik barely hashed a damn thing!
    When we saw hashes, they were merely unsalted MD5
    Here’s one such sample that made us upset for daring to use “anon”:
    Rob Monster anon@epik.com robmonster 109d88a0c4a49217c01a36913b034161 (cracked: willem)
    Yep, these Russian developers they hired are actually just that bad.
    They probably enjoyed snooping through all of your shit just as much as we did.
  • Over 500,000 private keys. What are they for? Who knows!
  • We think we spotted a bunch of Anonymize OpenVPN profiles in this,
    but we were too disgusted with the above to continue digging.
  • A dump of an employee’s mailbox, just because we could.
  • Git repositories for whatever internal applications!
  • SSH keys!
  • /home/ and /root/ directories of one of their core systems!"
1 Like

Well, that’s just the thing. Anybody can call themselves anonymous and claim to be the hacker collective.
I’ll be looking into this later on today.

Anything that is centralized is ultimately vulnerable. That includes hosting.

3 Likes