• Email Us: [email protected]
  • Contact Us: +1 718 874 1545
  • Skip to main content
  • Skip to primary sidebar

Medical Market Report

  • Home
  • All Reports
  • About Us
  • Contact Us

Web host Epik was warned of a critical website bug weeks before it was hacked

September 17, 2021 by David Barret Leave a Comment

Hackers associated with the hacktivist collective Anonymous say they have leaked gigabytes of data from Epik, a web host and domain registrar that provides services to far-right sites like Gab, Parler and 8chan, which found refuge in Epik after they were booted from mainstream platforms.

In a statement attached to a torrent file of the dumped data this week, the group said the 180 gigabytes amounts to a “decade’s worth” of company data, including “all that’s needed to trace actual ownership and management” of the company. The group claimed to have customer payment histories, domain purchases and transfers, and passwords, credentials, and employee mailboxes. The cache of stolen data also contains files from the company’s internal web servers, and databases that contain customer records for domains that are registered with Epik.

The hackers did not say how they obtained the breached data or when the hack took place, but timestamps on the most recent files suggest the hack likely happened in late February.

Epik initially told reporters it was unaware of a breach, but an email sent out by founder and chief executive Robert Monster on Wednesday alerted users to an “alleged security incident.”

TechCrunch has since learned that Epik was warned of a critical security flaw weeks before its breach.

Security researcher Corben Leo contacted Epik’s chief executive Monster over LinkedIn in January about a security vulnerability on the web host’s website. Leo asked if the company had a bug bounty or a way to report the vulnerability. LinkedIn showed Monster had read the message but did not respond.

Leo told TechCrunch that a library used on Epik’s WHOIS page for generating PDF reports of public domain records had a decade-old vulnerability that allowed anyone to remotely run code directly on the internal server without any authentication, such as a company password.

“You could just paste this [line of code] in there and execute any command on their servers,” Leo told TechCrunch.

Leo ran a proof-of-concept command from the public-facing WHOIS page to ask the server to display its username, which confirmed that code could run on Epik’s internal server, but he did not test to see what access the server had as doing so would be illegal.

It’s not known if the Anonymous hacktivists used the same vulnerability that Leo discovered. (Part of the stolen cache also includes folders relating to Epik’s WHOIS system, but the hacktivists left no contact information and could not be reached for comment.) But Leo contends that if a hacker exploited the same vulnerability and the server had access to other servers, databases or systems on the network, that access could have allowed access to the kind of data stolen from Epik’s internal network in February.

“I am really guessing that’s how they got owned,” Leo told TechCrunch, who confirmed that the flaw has since been fixed.

Monster confirmed he received Leo’s message on LinkedIn, but did not answer our questions about the breach or say when the vulnerability was patched. “We get bounty hunters pitching their services. I probably just thought it was one of those,” said Monster. “I am not sure if I actioned it. Do you answer all your LinkedIn spams?”

The far right’s favorite registrar is building ‘censorship-resistant’ servers

Source Link Web host Epik was warned of a critical website bug weeks before it was hacked

David Barret
David Barret

Related posts:

  1. Guinean political prisoners freed, regional bloc to discuss coup
  2. Pakistan suggests inviting Taliban-run Afghanistan to regional forum
  3. Soccer-Premier clubs could face sanctions if they play South American players
  4. Tigray forces killed 120 civilians in village in Amhara – Ethiopia officials

Filed Under: News

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

  • The First Humans Were Hunted By Leopards And Weren’t The Apex Predators We Thought They Were
  • Earth’s Passage Through The Galaxy Might Be Written In Its Rocks
  • What Is An Einstein Cross – And Why Is The Latest One Such A Unique Find?
  • If We Found Life On Mars, What Would That Mean For The Fermi Paradox And The Great Filter?
  • The Longest Living Mammals Are Giants That Live Up To 200 Years In The Icy Arctic
  • Entirely New Virus Detected In Bat Urine, And It’s Only The 4th Of Its Kind Ever Isolated
  • The First Ever Full Asteroid History: From Its Doomed Discovery To Collecting Its Meteorites
  • World’s Oldest Pachycephalosaur Fossil Pushes Back These Dinosaurs’ Emergence By 15 Million Years
  • The Hole In The Ozone Layer Is Healing And On Track For Full Recovery In The 21st Century, Thanks To Science
  • First Sweet Potato Genome Reveals They’re Hybrids With A Puzzling Past And 6 Sets Of Chromosomes
  • Why Is The Top Of Canada So Sparsely Populated? Meet The “Canadian Shield”
  • Humans Are In The Middle Of “A Great Evolutionary Transition”, New Paper Claims
  • Why Do Some Toilets Have Two Flush Buttons?
  • 130-Year-Old Butter Additive Discovered In Danish Basement Contains Bacteria From The 1890s
  • Prehistoric Humans Made Necklaces From Marine Mollusk Fossils 20,000 Years Ago
  • Zond 5: In 1968 Two Soviet Steppe Tortoises Beat Humans To Orbiting Around The Moon
  • Why Cats Adapted This Defense Mechanism From Snakes
  • Mother Orca Seen Carrying Dead Calf Once Again On Washington Coast
  • A Busy Spider Season Is Brewing: Why This Fall Could See A Boom Of Arachnid Activity
  • What Alternatives Are There To The Big Bang Model?
  • Business
  • Health
  • News
  • Science
  • Technology
  • +1 718 874 1545
  • +91 78878 22626
  • [email protected]
Office Address
Prudour Pvt. Ltd. 420 Lexington Avenue Suite 300 New York City, NY 10170.

Powered by Prudour Network

Copyrights © 2025 · Medical Market Report. All Rights Reserved.

Go to mobile version