A digital space with text.

rawpixel (CC-BY)

New leak of Epik data exposes company’s entire server

Anonymous is calling the second leak ‘the /b/ sides.’


Mikael Thalen


The hacking collective Anonymous has released what it claims to be new data from the controversial web hosting company Epik.

In a press release on Tuesday, the hacktivist group announced what it has dubbed as “The /b/ Sides,” or part two of “Operation EPIK FAIL.”

Anonymous took credit earlier this month for breaching Epik, known for hosting far-right websites such as Gab, Parler, and TheDonald, before releasing an 180GB cache of the domain registrar’s data. The hack affected more than 15 million people and exposed names, physical addresses, passwords, credit card numbers, emails, and more.

Now, the hacktivist collective says it has leaked “several bootable disk images of assorted systems” in a roughly 70GB torrent file.

“[Y]ou didn’t think we completely dominated Epik and merely ran off with some databases and a system folder or two, did you?” the press release states. “We are Anonymous. Flexing as hard as we can is how we do a barrel roll (Press Z or R twice!).”

In Body Image

WhiskeyNeon, a Texas-based hacker and cybersecurity expert who reviewed the file structure of the leak, told the Daily Dot how the disk images represented Epik’s entire server infrastructure.

“Files are one thing, but a virtual machine disk image allows you to boot up the company’s entire server on your own,” he said. “We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving.”

The data includes API keys and plaintext login credentials for not only Epik’s system but for Coinbase, PayPal, and the company’s Twitter account.

Following the first leak, Epik initially denied it was aware of any breach before later conceding that it was looking into “an alleged security incident.”

Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to “curses” placed on the hacked data.

Monster admitted during the call that an unknown individual had attempted to steal $100,000 after getting ahold of his Coinbase API key.

The leak would uncover everything from right-wing domains targeted with subpoenas and attempts by conservative Ali Alexander to hide his ties to election fraud conspiracy websites in the wake of the Jan. 6 Capitol riot.

The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik’s services in January, was allegedly hacked as well. The paramilitary group’s emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.

Read more about the far right

Donation site used by Freedom Convoy suffers 3rd data leak in two weeks
A fake company duping trans people into joining a documentary appears to be the work of the Daily Wire’s Matt Walsh
‘It was too easy’: How a spy from the Ram Ranch resistance infiltrated and seized anti-vax trucker chat rooms
Marjorie Taylor Greene tries to call Capitol Police the ‘Gestapo,’ says ‘gazpacho’ instead
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.

The Daily Dot