This is the 3rd attack involving the American web hosting service Epik
The hacktivist collective Anonymous has carried out an attack involving Washington-based domain name registration and web hosting service Epik for the third time, according to Steven Monacelli, a freelance reporter from Texas, who also announced the news of the last two instances (see: Anonymous Epik Data Leaks – Again).
This time around, the group leaked data belonging to one of Epik’s clients, the Texas Republican Party, aka the Texas GOP, according to Monacelli. The leaked dataset, he says, citing an article by Anonymous, contains sensitive information from GOP data backup servers, including private documents, a database, and draft articles that have never been published, among others.
Entitled “You Lost The Game,” the latest round of data leaks, according to the tweet, was posted to a forum on Monday. In the post, Anonymous claims that the Texas GOP set is the second batch of bootable disk images of Epik’s servers – after the one on September 27 – and includes data from the GOP backup server.
A Texas GOP spokesperson told Information Security Media Group that the incident was reported to the FBI and is currently under investigation. “The reported information leak stems from a September 13, 2021 attack on Epik, the web hosting provider, which was used by many organizations, including the Texas Republican Party,” the spokesperson said.
According to Monacelli, the Texas GOP website was also compromised by Anonymous on September 11. The hacktivist group, he says, defaced the entire website, including its registration, donation and contact pages, by posting derogatory messages about the Republican Party and its ideologies.
The defacement of the Texas GOP website is linked to the controversial new Texas abortion law, known as Senate Bill 8, aka the Heartbeat Act. The law, which came into effect on September 1, prohibits abortion after six weeks of pregnancy and also gives state residents the ability to prosecute anyone who violates or helps others to violate this law.
Anonymous at the time said the law was “far-right”, so the group targeted Epik, which hosts other far-right sites, such as Parler, 8chan, Gab and BitChute. “This dataset is all that is needed to trace the actual ownership and management of the fascist side of the Internet that has eluded researchers, activists and, well, just about everyone,” the hacktivists say.
Roger Grimes, a data-driven defense evangelist at KnowBe4, told ISMG that while there appears to be an upsurge in hacktivist activity lately, Anonymous and other groups have been actively posting private content for over two decades.
“Anonymous is not even the same hackers. … These are different people who choose to organize themselves under the same well-known banner. You can’t stop it any more than you can stop all cybercrime and malware. do hacktivist activities and you solve all internet crimes,” he said.
Can law enforcement help? No more than they can against any cybercriminal or group, says Grimes.
“Law enforcement arrests cybercriminals from time to time. Hell, they’ve already arrested Anonymous’s top executives, turned one of its executives into a mole and snitch, and slaughtered the whole group for years. But I guess the new group is smarter, more anonymous to each other and less likely to turn on each other,” he says.
“I guess even if the police cared enough about prosecuting Anonymous, prosecuting them would be difficult. Putting a hacker in jail is a rare occurrence. We don’t identify, charge, arrest, and put in prison 1 in 1,000. Internet crime is one of the least risky and most lucrative crimes a criminal can commit, which is why it is so prevalent.”
Because Operation Epik Fail is likely to have affected other Epik customers as well, Grimes recommends that every person and organization take action against social engineering, patch software, use multi-factor authentication, educate people and use unique passwords on every website and service.
Previous data dumps
On September 13, Monacelli first issued a statement from Anonymous, detailing the attackers’ motives for hitting Epik, as part of its “#OperationJane” efforts (see: Breach of web host Epik reveals 15 million email addresses).
The first data dump consisted of over 180 GB of data, including 15 million email addresses and corresponding personal details of not only Epik’s own customers and systems, but also the details of millions of other people and organizations whose information was retrieved via “Whois” requests from domain name registrars, the free breach notification service Have I Been Pwned confirmed.
Although Epik initially claimed to be “unaware of the breach,” its CEO, Rob Monster, later clarified in a lengthy question-and-answer session conducted virtually that the data likely came from a backup that had been “intercepted”.
The second leaked dataset, which Anonymous calls The /b/ Sides, is “larger than the first” and contains 300GB of information, Monacelli said, citing an unidentified security researcher who verified the data set (see: Anonymous Epik Data Leaks – Again).
As proof of their claims, Anonymous attached “several boot disk images of assorted systems” in the form of a 70 GB torrent file with the press release. Security researchers WhiskeyNeon and INIT_3 used the contents of this file to confirm their claims about the data leaks.