Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security

Anonymous: We've Leaked Disk Images Stolen From Web Host Epik (theregister.com) 107

slack_justyb writes: As previously reported the web host Epik was hacked by a group identifying themselves with the group Anonymous. However, in the most recent leaks from this group the scale of data that was stolen is becoming apparent, and signs point to a wholesale theft of data with no stone left unturned.

We're told the dump is a 70GB archive of files and "several bootable disk images of assorted systems" that represent Epik's server infrastructure. Journalist Steve Monacelli, who broke the news of the first data release, said the latest leak expands to 300GB. "This leak appears to be fully bootable disk images of Epik servers, including a wide range of passwords and API tokens," he added.

WhiskeyNeon, a Texas-based hacker and cybersecurity expert who reviewed the file structure of the leak, told the Daily Dot how the disk images represented Epik's entire server infrastructure. "Files are one thing, but a virtual machine disk image allows you to boot up the company's entire server on your own," he said. "We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving."

Daily Dot brings some word on Epik CEO Rob Monster response to the latest news:

Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to "curses" placed on the hacked data.


This discussion has been archived. No new comments can be posted.

Anonymous: We've Leaked Disk Images Stolen From Web Host Epik

Comments Filter:
  • by flyingfsck ( 986395 ) on Thursday September 30, 2021 @01:05PM (#61848481)
    A company run by a dude called Monster, who proclaims to be very religious to the point of uttering curses and invoking daemons. Who in his/her/it/their right mind would use Epik's services after that performance?
    • by GameboyRMH ( 1153867 ) <gameboyrmh.gmail@com> on Thursday September 30, 2021 @01:24PM (#61848579) Journal

      If you're in your right mind, you're not really in Epik's customer demographic in the first place.

      • True dat. (Score:3, Interesting)

        by denzacar ( 181829 )

        If you're in your right mind, you're not really in Epik's customer demographic in the first place.

        Monster's company catered to the FAR-RIGHT kind of mind.

        Couldn't happen to a nicer bunch of guys.

        The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik's services in January, was allegedly hacked as well.
        The paramilitary group's emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.

        Here's hoping this leads to a lot of divorces, asset forfeiture and firings. Not necessarily in that order.

        • As I was saying before some Epik FAIL'S far-right cuntstomer got his panties in a twist realizing he might be getting relieved of his job, house, family, kids, pets, a sizable chunk of future earnings and maybe even his freedom...

          If you're in your right mind, you're not really in Epik's customer demographic in the first place.

          Monster's company catered to the FAR-RIGHT kind of mind.

          Couldn't happen to a nicer bunch of guys.

          The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik's services in January, was allegedly hacked as well.
          The paramilitary group's emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.

          Here's hoping this leads to a lot of divorces, asset forfeiture and firings. Not necessarily in that order.

        • by Anonymous Coward

          Monster's company catered to the FAR-RIGHT kind of mind.

          Couldn't happen to a nicer bunch of guys.

          At least they don't run calling themselves diverse and tolerant while proving the opposite ad-nauseum, because they don't personally know anyone that disagrees with them.

          There's plenty of delusion to go around, and nobody has a monopoly.

    • by ChitlinCookoffChamp ( 8755055 ) on Thursday September 30, 2021 @01:25PM (#61848581)
      Mr. Monster saying this dump has been CURSED and anyone downloading it will have their computer blow up was some of the funniest IT bullshit I've heard in a good minute. What a nutter.

      My cousin's friend's stepsister copied this floppy and her computer ain't blow up yet!
      • by spun ( 1352 ) <<loverevolutionary> <at> <yahoo.com>> on Thursday September 30, 2021 @02:05PM (#61848699) Journal

        I did not think Christians thought very highly of witchcraft. The God of Abraham doesn't really do curses. So who is this nutter praying to?

        • I'd like to offer a PR for a Rage song:

          - Some of those that work forces are the same that burn crosses.
          + Some of those that work forces are the same that bear crosses.

        • by gweihir ( 88907 )

          I did not think Christians thought very highly of witchcraft. The God of Abraham doesn't really do curses. So who is this nutter praying to?

          Well, the details are a bit fuzzy and I am not an expert on this "religion" thing, but it seems the only way Christians can curse enemies or things is by asking their god to do so and not by doing it themselves. At the same time this seems to be highly discouraged, with several important people (like Jesus) strongly frowning on such activity. Looks like this guy has gone over to the dark side (for really pathetic values of "dark".)

          • You don't ask the God to do it, you ask the Devil.

            • by gweihir ( 88907 )

              You don't ask the God to do it, you ask the Devil.

              Are you sure? From what I could Google, the devil can only do direct influence, actual curses are the domain of god himself. Not that any religion has a consistent story, so you may be right.

              • If you give me a link (or say what search you used) I can give you commentary which will hopefully be entertaining.

                • by gweihir ( 88907 )

                  Sorry, did not keep the link.

                  • It was a cursed link, it disappeared, slipped right out of your fingers.
                    As a general rule, the bible doesn't talk a whole lot about this (it says very little about the devil at all), but various christian groups have different traditions that are frequently derived from what their ancestors had before christianity arrived.

        • I did not think Christians thought very highly of witchcraft.

          They often believe in devilry. This man (if he is sincere) probably believes that whoever cursed the download is going to hell.

          • by spun ( 1352 )

            But if they are true Christians, how could devilry withstand the awesome power of their own faith? I never understood these new age soi dissant Christians. They are so very different from anything Christ actually professed.

            • But if they are true Christians, how could devilry withstand the awesome power of their own faith?

              If they sin by grabbing the cursed thing, then they will need to repent or whatever.

              • by spun ( 1352 )

                I give up on trying to understand these loons.

                • Oh no! You fell under the curse of confusion!

                  • by spun ( 1352 )

                    Do I have to eat somebody or drink their blood while elders chant in the background now? Or is this more of a "Chop the tip of your dick off" kind of situation? Hope it's not a "sacrifice your firstborn, psych! Haha," deal. I guess as long as God and Satan don't team up to wreck my life over a bet, I'll be okay. Ahhhh, this damn fig tree! Sure it's not actually fig season but I'm hungry and there's no figs! Curse this fig tree!

                    The confusion curse seems to be working...

                    • Generally these things can be taken care of with a quick donation to the money plate and professed repentance. But in serious cases you might need to go through a ceremony and get knocked down [youtu.be]. I recommend your penance is to subscribe to Slashdot.

        • Actually the God of Abraham does dispense curses. Check this out
          https://www.cgg.org/index.cfm/... [cgg.org]

    • Do we also get a dinner to that show?

      I mean, let's be honest here, this is the train wreck that keeps on wrecking.

      • by gweihir ( 88907 )

        Do we also get a dinner to that show?

        I mean, let's be honest here, this is the train wreck that keeps on wrecking.

        Got to admire the momentum though. Anybody sane would long ago have stopped digging themselves deeper. Only true believer manage to completely destroy themselves in this fashion.

        • There's a saying in German, it loses bit in translation, mostly its rhyme, but once your reputation is gone, you can as well drop the pretence of having any shame.

    • Invoking daemons was the problem. He should've stayed away from all that and used Jesux [slashdot.org].
    • not mind. wing.

    • He is invoking demons, not daemons! I mean, otherwise I can say my linux box is cursed, too. There are so many of them in there!

  • Don't know about you, but when I read the guy resorted to prayer and telling people not to use the data because he'd cursed it... I lost any sympathy I could have had.

    People who think that way have no right to the benefits of the technology. He ought to be doing manual labor somewhere... at least several hundred years ago.

    • by kyoko21 ( 198413 )

      I'm confident that with plenty of thoughts and prayers they will get through this test that God has graciously laid before them.

    • "People who think that way have no right to the benefits of the technology."

      that's a whole lot of people. most of them have just learned to keep their mouths shut...

  • by Inglix the Mad ( 576601 ) on Thursday September 30, 2021 @01:08PM (#61848499)
    I mean, jesuchristo, this is a total security fail.
    • Rob Monster’s password was his middle name.

    • Re: (Score:3, Interesting)

      by retchdog ( 1319261 )

      Why bother with security? Fleece the sheep and just put on a circus act if you get caught, they're sheep ffs, then start a new company "dedicated to taking freezepeach back from teh libs," rinse and repeat.

      The point isn't a stable, security service roflmao; the point is $$$.

  • HP Firewall (Score:5, Funny)

    by kyoko21 ( 198413 ) on Thursday September 30, 2021 @01:17PM (#61848545)

    I guess their "HP" branded firewall of "hope and prayers" didn't seem to do a very good job of thwarting out the would be bad actors....

    Here are some thoughts and prayers for the company and all those affected by this terrible tragedy.

  • We've Leaked Disk Images Stolen From Web Host Epik

    There are pictures of disks all over the internet. Are Epik's a fancy color or have cute stickers on them? :-)

  • by wgoodman ( 1109297 ) on Thursday September 30, 2021 @01:41PM (#61848631)

    They're not cursed, they're just running Windows ME.

  • by Anonymous Coward
    to a nicer bunch of Neo-Nazis. Aren't the right-wingers the same ones who claim "if you have nothing to hide" etc. when it comes to law enforcement? Seems like this leak should be no big deal to them ...
    • Well of course, if they were worried about their data going public they would not have entrusted it to that Rob monster. Praise the lard.

      • And yet the Daily Dot has this:

        ‘Privacy rights are civil rights’: Why Biden’s pick for FTC signals a new effort to protect user data

        Both ironic in it's own way, not to mention do right-wingers have a right to privacy?

        • Re: (Score:2, Insightful)

          by Anonymous Coward

          Terrorists don't have a right to privacy, whether they're right wing or not. And the truth is a sizable amount of the right wing has lurched well and truly into terrorism territory over the last few years: threats against journalists, threats against the left particularly AOC and Pelosi, encouraging rogue elements in the police to murder black people, and the recent attempts to engage in practical mass murder by weaponizing COVID and using the public school system to spread it, while running disinformation

  • by Malays2 bowman ( 6656916 ) on Thursday September 30, 2021 @02:23PM (#61848765)

    Seems standard cut and dry stuff. But then there is this little gem at the end of TFS:

    "Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to "curses" placed on the hacked data."

    Oooh..kay. The lunatic element here made this story a bit more interesting, and now it piqued my interest to see the tidbits from the mind of a madman that may be in those disk images.

    • The capital riots militia group should be just as worrying, and they were breached too. A right-winger with a microphone is one thing. A right-winger with a gun should be more worrying.

  • "...data that was stolen..."
    It is impossible to steal data.
    • If anything it means that Epik now has an incredibly resilient backup.

    • Till the people who use that line are affected by such "stealing" it will always be that way. After? Just watch.

    • by mjwx ( 966435 )

      "...data that was stolen..."

      It is impossible to steal data.

      Erm...

      https://dictionary.cambridge.o... [cambridge.org]

      Yes it is entirely possible to take data without the permission of the owner. In fact that is exactly what happened here.

      Beyond this technical accuracy... Everyone with a basic understanding of the English language knows what the sentence means. Trying to argue technical errors whilst ignoring the context of the word in the sentence only makes you look dumb.

  • by gweihir ( 88907 ) on Thursday September 30, 2021 @02:42PM (#61848839)

    Is this guy somehow clinically insane?

  • by Anonymouse Cowtard ( 6211666 ) on Thursday September 30, 2021 @03:57PM (#61849095) Homepage
    I clicked through for the lulz. Prayers, curses, a Monster and RWNJs getting pwned, d0xed and now gang stalked. I wasn't disappointed. Thank you Anonymous.
  • What an Epik payload for malware...

No man is an island if he's on at least one mailing list.

Working...