Anonymous: We've Leaked Disk Images Stolen From Web Host Epik (theregister.com) 107
We're told the dump is a 70GB archive of files and "several bootable disk images of assorted systems" that represent Epik's server infrastructure. Journalist Steve Monacelli, who broke the news of the first data release, said the latest leak expands to 300GB. "This leak appears to be fully bootable disk images of Epik servers, including a wide range of passwords and API tokens," he added.
WhiskeyNeon, a Texas-based hacker and cybersecurity expert who reviewed the file structure of the leak, told the Daily Dot how the disk images represented Epik's entire server infrastructure. "Files are one thing, but a virtual machine disk image allows you to boot up the company's entire server on your own," he said. "We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving."
Daily Dot brings some word on Epik CEO Rob Monster response to the latest news:
Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to "curses" placed on the hacked data.
The gods must be crazy (Score:5, Insightful)
Re:The gods must be crazy (Score:5, Funny)
If you're in your right mind, you're not really in Epik's customer demographic in the first place.
True dat. (Score:3, Interesting)
If you're in your right mind, you're not really in Epik's customer demographic in the first place.
Monster's company catered to the FAR-RIGHT kind of mind.
Couldn't happen to a nicer bunch of guys.
The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik's services in January, was allegedly hacked as well.
The paramilitary group's emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.
Here's hoping this leads to a lot of divorces, asset forfeiture and firings. Not necessarily in that order.
Re: (Score:3)
As I was saying before some Epik FAIL'S far-right cuntstomer got his panties in a twist realizing he might be getting relieved of his job, house, family, kids, pets, a sizable chunk of future earnings and maybe even his freedom...
If you're in your right mind, you're not really in Epik's customer demographic in the first place.
Monster's company catered to the FAR-RIGHT kind of mind.
Couldn't happen to a nicer bunch of guys.
The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik's services in January, was allegedly hacked as well.
The paramilitary group's emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.
Here's hoping this leads to a lot of divorces, asset forfeiture and firings. Not necessarily in that order.
Re: (Score:2)
Monster's company catered to the FAR-RIGHT kind of mind.
Couldn't happen to a nicer bunch of guys.
At least they don't run calling themselves diverse and tolerant while proving the opposite ad-nauseum, because they don't personally know anyone that disagrees with them.
There's plenty of delusion to go around, and nobody has a monopoly.
Re:The gods must be crazy (Score:5, Funny)
My cousin's friend's stepsister copied this floppy and her computer ain't blow up yet!
Re:The gods must be crazy (Score:5, Interesting)
I did not think Christians thought very highly of witchcraft. The God of Abraham doesn't really do curses. So who is this nutter praying to?
Re: (Score:2)
I'd like to offer a PR for a Rage song:
- Some of those that work forces are the same that burn crosses.
+ Some of those that work forces are the same that bear crosses.
Re: (Score:3)
I did not think Christians thought very highly of witchcraft. The God of Abraham doesn't really do curses. So who is this nutter praying to?
Well, the details are a bit fuzzy and I am not an expert on this "religion" thing, but it seems the only way Christians can curse enemies or things is by asking their god to do so and not by doing it themselves. At the same time this seems to be highly discouraged, with several important people (like Jesus) strongly frowning on such activity. Looks like this guy has gone over to the dark side (for really pathetic values of "dark".)
Re: (Score:2)
You don't ask the God to do it, you ask the Devil.
Re: (Score:2)
You don't ask the God to do it, you ask the Devil.
Are you sure? From what I could Google, the devil can only do direct influence, actual curses are the domain of god himself. Not that any religion has a consistent story, so you may be right.
Re: (Score:2)
If you give me a link (or say what search you used) I can give you commentary which will hopefully be entertaining.
Re: (Score:2)
Sorry, did not keep the link.
Re: (Score:2)
It was a cursed link, it disappeared, slipped right out of your fingers.
As a general rule, the bible doesn't talk a whole lot about this (it says very little about the devil at all), but various christian groups have different traditions that are frequently derived from what their ancestors had before christianity arrived.
Re: (Score:2)
I did not think Christians thought very highly of witchcraft.
They often believe in devilry. This man (if he is sincere) probably believes that whoever cursed the download is going to hell.
Re: (Score:3)
But if they are true Christians, how could devilry withstand the awesome power of their own faith? I never understood these new age soi dissant Christians. They are so very different from anything Christ actually professed.
Re: (Score:2)
But if they are true Christians, how could devilry withstand the awesome power of their own faith?
If they sin by grabbing the cursed thing, then they will need to repent or whatever.
Re: (Score:3)
I give up on trying to understand these loons.
Re: (Score:2)
Oh no! You fell under the curse of confusion!
Re: (Score:1)
Do I have to eat somebody or drink their blood while elders chant in the background now? Or is this more of a "Chop the tip of your dick off" kind of situation? Hope it's not a "sacrifice your firstborn, psych! Haha," deal. I guess as long as God and Satan don't team up to wreck my life over a bet, I'll be okay. Ahhhh, this damn fig tree! Sure it's not actually fig season but I'm hungry and there's no figs! Curse this fig tree!
The confusion curse seems to be working...
Re: (Score:2)
Generally these things can be taken care of with a quick donation to the money plate and professed repentance. But in serious cases you might need to go through a ceremony and get knocked down [youtu.be]. I recommend your penance is to subscribe to Slashdot.
Re: (Score:2)
Actually the God of Abraham does dispense curses. Check this out
https://www.cgg.org/index.cfm/... [cgg.org]
Re: (Score:2)
Do we also get a dinner to that show?
I mean, let's be honest here, this is the train wreck that keeps on wrecking.
Re: (Score:2)
Do we also get a dinner to that show?
I mean, let's be honest here, this is the train wreck that keeps on wrecking.
Got to admire the momentum though. Anybody sane would long ago have stopped digging themselves deeper. Only true believer manage to completely destroy themselves in this fashion.
Re: (Score:2)
There's a saying in German, it loses bit in translation, mostly its rhyme, but once your reputation is gone, you can as well drop the pretence of having any shame.
Should've used Jesux (Score:3)
Re:Should've used Jesux (Score:5, Funny)
Problem is, he used systemd to do it.
I haven't used a Unix in a while (Score:2)
Re: (Score:2)
The Cult became a lot more boring since we replaced the good old fashioned spilling goat blood over a pentagram in a dark cave lit by candles, with systemd. I want the goat blood back.
TempleOS ;) (Score:2)
TempleOS ;)
Re: (Score:2)
not mind. wing.
Re: (Score:3)
He is invoking demons, not daemons! I mean, otherwise I can say my linux box is cursed, too. There are so many of them in there!
Re:Weird how the media's 'ethics' change so fast (Score:5, Insightful)
Boo fucking hoo. You poor oppressed nutjob. What fucking consensus on not reporting hacked data? Slashdot and other tech sites report on hacks all the time you loon. What made you think tech sites don't report hacks or "hacked data?"
Funny how sanity goes right out the window when you join the alt-right death cult.
Re: (Score:2)
Ah, so "reporting" equals "celebrating" now. I see what you did there. You probably think you're pretty clever too, don't you?
Re: (Score:2)
You're wrong. You don't understand blatant sarcasm. Are you autistic?
Re:Weird how the media's 'ethics' change so fast (Score:4, Insightful)
What massive censorship campaign? Look, most of America does not live in your information bubble. What seems obvious to you, is not obvious to normal people.
Now, based on what some other chode said, i think this refers to Hunter Biden's laptop? The one that nobody could ever prove was his? The one that Drunk Uncle Rudy found in a pawn shop run by some backwoods hick, in a place 1,000 miles from anywhere Hunter had ever lived? That laptop? Yeah, hmmm. I wonder why no reputable news source covered that. Wait. They all did! It was on the news fucking everywhere, you absolute loon.
Stop pretending to be oppressed. Jesus you fuckers have a martyr complex. It makes you look weak, you know that, right?
Re: (Score:2)
TL;DR. What a moron, why would you think I'd read this shit? You lose.
Re: (Score:2)
Re:Weird how the media's 'ethics' change so fast (Score:5, Insightful)
Yeah, funny how that laptop that was given to Drunk Uncle Leaky Hair by some unnamed repair shop tech 1,000 miles from anywhere Hunter lived has never been proven to have anything actionable on it.
Fuck you asshole, I am not trying to win an argument with you fascist fucks on merit. You absolutely never admit it even when you've had your dick knocked in the dirt for everyone to see. You don't argue in good faith. The only thing you understand is force, violence, ugliness, and domination. So I play the only game you seem to know. And I win. Every time. Because deep down, you're all scared little children, pretending to be big, strong men. Like any bully, you crumple at the first sign that your victim is prepared to fight back.
Re: (Score:3)
You've still got nothing. And the original point was dumb, everyone heard about the so called Hunter Biden laptop. But nothing could ever be proven, so the news moved on. Because you guys are absolute clowns. I mean, you had the laptop. You could have taken it in front of a judge. Sued Hunter. And the news would have eaten that shit up. But you couldn't. Why?
Because it's fake as fuck and no lawyer was willing to risk getting disbarred, not even Hairleak Giuliani.
Re: (Score:3)
Someone is probably sore that the Hunter Biden thing turned into a big nothingburger. A laptop! A laptop! Which contained nothing of interest other than a few boring emails that really amounted to nothing more than everyday requests people make all the time.
The problem was likely the email was real (confirmed), but that was it. The whole story of a lost laptop
Re: (Score:3)
Never heard that one before. Reporting on leaks is pretty important, we need to know who is being careless with our personal data and what might have been compromised.
There is a certainly a convention that you don't include links to the actual files in the reporting, but nothing about not reporting it.
Re: (Score:2)
Who has ever made such a claim?
Re: (Score:2)
Weird, I thought there was some consensus on not reporting on hacked data, but it's interesting how that goes right out the window as soon as someone you don't like gets hacked...
There never was a consensus of this type or even any real discussion whether there should be such a consensus. You are fantasizing.
Down here in actual reality, data breaches get reported on because it is important as an early warning to others.
Re: (Score:2)
Well... God will help I guess (Score:1)
Don't know about you, but when I read the guy resorted to prayer and telling people not to use the data because he'd cursed it... I lost any sympathy I could have had.
People who think that way have no right to the benefits of the technology. He ought to be doing manual labor somewhere... at least several hundred years ago.
Re: (Score:2)
I'm confident that with plenty of thoughts and prayers they will get through this test that God has graciously laid before them.
Re: (Score:2)
"People who think that way have no right to the benefits of the technology."
that's a whole lot of people. most of them have just learned to keep their mouths shut...
Did Epik have only one layer of "security"? (Score:3)
Re: (Score:3)
Rob Monster’s password was his middle name.
Re: (Score:3, Interesting)
Why bother with security? Fleece the sheep and just put on a circus act if you get caught, they're sheep ffs, then start a new company "dedicated to taking freezepeach back from teh libs," rinse and repeat.
The point isn't a stable, security service roflmao; the point is $$$.
Re:Did Epik have only one layer of "security"? (Score:4, Interesting)
Just sayin' mate, they stepped in it by trying to "cancel" everything they disagreed for decades, including banning books. Them objecting now citing free speech is a bit rich, to put it politely.
Re: (Score:1)
The state of political discourse n the USA has devolved down to "But hypocrisy is OK when we do it !!"
There is a very old saying about all this which goes:"A foolish consistency is the hobgoblin of tiny minds". And just IMHO, the hypocrisy and sell-out crowd have no honor whatsoever. That is why they demand everyone to honor them. Ultimately one can't lie to oneself very well.
Re: (Score:1)
Cartels tend to know what they are doing, and don't just rely on intimidation value alone, because the long arm of the law is probably probing at their armor at all times, be it a nation-state, Interpol, or a private security org. So, most likely they have their juicy stuff offline, and under the radar.
If the RW knew what they were doing, they would have a "MAGA Hat Linux" out by now, with en_RN for a language (which appeared in Red Hat Linux 5.2.) It would be thoroughly patched, vetted by good researcher
Re: (Score:3)
Re: (Score:2)
It doesn't do what you think it does. It increases their donations and they get to show they are being attacked for doing "God's" work.
Going after the cartel would definitely be more impressive and do more good for the world. That said, does Anonymous pretend to be whitehats?
Re:"Anonymous" is bullshit, they're chickens (Score:5, Insightful)
You've forgotten who anonymous are. Or, rather, you've forgotten WHY anonymous are. They're not out there to assist law enforcement. They don't care about one political party or the other. They're not righteous, nor are they wicked. They do it for the lulz.
All that's happened here is, after have forgotten for quite a long while, Anonymous have remembered that conservative tears are just as delicious as liberal tears. And when the result of an Anon raid is some stark-raving right-wing loon literally named "Monster" jumping up on camera in public trying to exorcise them and place pyrotechnic curses on the leaked data; they've scored quite a LOT of lulz. So, expect them to continue.
Re: (Score:2)
I haven't really seen anonymous pursue any of what people commonly consider left wing.
Re: (Score:2)
VM infrastructure is fine on Linux. Linux, vmware, and Windows are all insecure if used poorly. As of late, vmware has had the most severe remote vulnerabilities which just demonstrates the need to keep them all up to date.
If authentication is nothing but weak passwords, which is common when the admins feel like they have a 'trusted' network, no amount of update diligence will protect you.
Even some more diligent places I've seen do something stupid like put OS images on an unauthenticated NAS box (well, t
Re: (Score:2)
which is why zero trust is the new security model used almost everywhere, or should be. Its the only way to fly in the cloud, and its better approach even in your secure data center.
Strong secrets, and mutual authentication between systems.
HP Firewall (Score:5, Funny)
I guess their "HP" branded firewall of "hope and prayers" didn't seem to do a very good job of thwarting out the would be bad actors....
Here are some thoughts and prayers for the company and all those affected by this terrible tragedy.
Re: (Score:2)
They didn't use HP - they thought it meant Harry Potter.
Re: (Score:3)
It wasn't a Hewlett-Packard firewall, it was a Hallelujah-PraiseJesus
What am I missing? (Score:2, Funny)
We've Leaked Disk Images Stolen From Web Host Epik
There are pictures of disks all over the internet. Are Epik's a fancy color or have cute stickers on them? :-)
Re: (Score:2)
RTFA, in this case the one linked to on the subject line. https://www.theregister.com/2021/09/30/anonymous_second_epik_dump/ [theregister.com]. All will be revealed.
Cursed? (Score:3)
They're not cursed, they're just running Windows ME.
Re: (Score:3)
That's the textbook definition of a curse, I'd say.
Couldn't have happened (Score:2, Interesting)
Re: (Score:2)
Well of course, if they were worried about their data going public they would not have entrusted it to that Rob monster. Praise the lard.
Re: (Score:2)
And yet the Daily Dot has this:
‘Privacy rights are civil rights’: Why Biden’s pick for FTC signals a new effort to protect user data
Both ironic in it's own way, not to mention do right-wingers have a right to privacy?
Re: (Score:2, Insightful)
Terrorists don't have a right to privacy, whether they're right wing or not. And the truth is a sizable amount of the right wing has lurched well and truly into terrorism territory over the last few years: threats against journalists, threats against the left particularly AOC and Pelosi, encouraging rogue elements in the police to murder black people, and the recent attempts to engage in practical mass murder by weaponizing COVID and using the public school system to spread it, while running disinformation
Cookie cutter hack story... (Score:3)
Seems standard cut and dry stuff. But then there is this little gem at the end of TFS:
"Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to "curses" placed on the hacked data."
Oooh..kay. The lunatic element here made this story a bit more interesting, and now it piqued my interest to see the tidbits from the mind of a madman that may be in those disk images.
Re: (Score:3)
The capital riots militia group should be just as worrying, and they were breached too. A right-winger with a microphone is one thing. A right-winger with a gun should be more worrying.
Slashdot: News for Nerds ... not (Score:2, Insightful)
It is impossible to steal data.
Re: (Score:2)
If anything it means that Epik now has an incredibly resilient backup.
Re: (Score:2)
Till the people who use that line are affected by such "stealing" it will always be that way. After? Just watch.
Re: (Score:2)
"...data that was stolen..."
It is impossible to steal data.
Erm...
https://dictionary.cambridge.o... [cambridge.org]
Yes it is entirely possible to take data without the permission of the owner. In fact that is exactly what happened here.
Beyond this technical accuracy... Everyone with a basic understanding of the English language knows what the sentence means. Trying to argue technical errors whilst ignoring the context of the word in the sentence only makes you look dumb.
"Curses" on data? (Score:3)
Is this guy somehow clinically insane?
Re: (Score:3, Insightful)
> Is this guy somehow clinically insane?
It's considered impolite to say that about any religious beliefs.
Re: (Score:2)
So accurate, but you do not point that out?
Re: (Score:2)
I'm sure he meant "ncurses".
for teh lulz (Score:5, Funny)
Don't tempt saying it's cursed (Score:1)