Results 1 to 13 of 13
  1. #1
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    72,921
    Epik has hosted Gab, Parler, ute, The Donald, 8chan, The Daily Stormer, Joey Camp and Texas Right to Life.



    A Linux engineer tasked with conducting an impact assessment on behalf of a client who uses Epik’s services told the Daily Dot that the breach was one of the worst he had ever seen. The engineer did not have permission to speak about the breach by his employer and was granted anonymity by the Daily Dot.


    “They are fully compromised end-to-end,” they said. “Maybe the worst I’ve ever seen in my 20-year career.”


    The engineer pointed the Daily Dot to what they described as Epik’s “entire primary database,” which contains hosting account usernames and passwords, SSH keys, and even some credit card numbers—all stored in plaintext.


    The data also includes Auth-Codes, passcodes that are needed to transfer a domain name between registrars. The engineer stated that with all the data in the leak, which also included admin passwords for WordPress logins, any attacker could easily take over the websites of countless Epik customers.


    The Daily Dot was unable to confirm the claims made in the press release by Anonymous that every single one of Epik’s customers were exposed in the breach.
    Analysis suggests that hacked data goes up until Feb. 28, 2021.
    https://www.dailydot.com/debug/epik-...tes-anonymous/

  2. #2
    Veteran
    My Team
    San Antonio Spurs
    Join Date
    Oct 2008
    Post Count
    42,619
    To be expected from a company named "Epik."

  3. #3
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    Epik has hosted Gab, Parler, ute, The Donald, 8chan, The Daily Stormer, Joey Camp and Texas Right to Life.

    https://www.dailydot.com/debug/epik-...tes-anonymous/
    Doubtful considering most databases are built on some sql flavor be it mysql, mongodb, etc and use encryption. I don't have any databases that run strictly from a csv or txt file besides AIO db's like sqlite and whatnot in a sandbox app of sorts.

    You're just gullible bro.

  4. #4
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    Btw Wordpress was mentioned which runs on a sql db and within that db each installed instance has its credentials encrypted with MD5.

  5. #5
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    To be expected from a company named "Epik."
    You're a dumbass bro. Sit this one out.

  6. #6
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    The losers in Anonymous hacked Epik or just claiming they did? I just googled this and saw they are claiming they hacked Epik. I wish I knew more advanced programming, packet , networking crap, etc... They're having all the fun if they did indeed hack Epik.

  7. #7
    🏆🏆🏆🏆🏆 ElNono's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Apr 2007
    Post Count
    143,728
    Doubtful considering most databases are built on some sql flavor be it mysql, mongodb, etc and use encryption. I don't have any databases that run strictly from a csv or txt file besides AIO db's like sqlite and whatnot in a sandbox app of sorts.

    You're just gullible bro.
    Actually, it doesn't really matter much if it's encrypted. If the bug is on cross-site scripting, for example, then the hack uses the same DB routines as the site, which decrypt the data for them. This is fairly common.

    Also, mysql does not encrypt data by default for performance reasons.

    The breach is real, BTW, there are dumps of the data available. See:
    https://therecord.media/anonymous-ha...egistrar-epik/

  8. #8
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    Actually, it doesn't really matter much if it's encrypted. If the bug is on cross-site scripting, for example, then the hack uses the same DB routines as the site, which decrypt the data for them. This is fairly common.

    Also, mysql does not encrypt data by default for performance reasons.

    The breach is real, BTW, there are dumps of the data available. See:
    https://therecord.media/anonymous-ha...egistrar-epik/
    I was waiting for your response El.

    Sucks for Epik then.

  9. #9
    🏆🏆🏆🏆🏆 ElNono's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Apr 2007
    Post Count
    143,728
    I was waiting for your response El.

    Sucks for Epik then.
    I mean, this stuff happens to Fortune 500 companies too, nothing to be ashamed of.

    The question is how they proceed with disclosure and tightening up security.

  10. #10
    Veteran
    My Team
    San Antonio Spurs
    Join Date
    Oct 2008
    Post Count
    42,619
    Lol calf

  11. #11
    LMAO koriwhat's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Jan 2008
    Post Count
    30,555
    You're still a dumb bro... What exactly are you laughing about?

    You have no clue what I was talking about let alone Nono's reply. That's what's truly hilarious.

  12. #12
    dangerous floater Winehole23's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Nov 2008
    Post Count
    72,921
    I mean, this stuff happens to Fortune 500 companies too, nothing to be ashamed of.

    The question is how they proceed with disclosure and tightening up security.
    Rob Monster is on it


  13. #13
    Grab 'em by the pussy Splits's Avatar
    My Team
    San Antonio Spurs
    Join Date
    Feb 2011
    Post Count
    23,840
    Btw Wordpress was mentioned which runs on a sql db and within that db each installed instance has its credentials encrypted with MD5.
    lmao MD5 is worthless

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •