By Heidi Cuda and Zev Shalev
Anonymous hacks a vast right-wing internet hosting network. The hack of Epik yields 180 GB of data from the deepest depths of American depravity and exposes thousands of extremist figures, media, activists and politicians.
We knew Operation Jane was coming. The hacktivist group Anonymous announced it was going to mess with Texas over its draconian abortion law, and it did.
Heidi woke up Saturday morning and saw that Texas-Gop.Org, the official Texas GOP site was hacked. She screenshotted the home page before they took down server, and the site was “Rickrolled,” with a full-length video of Rick Astley. The hacktivists also posted and image of “Goatse”–a grotesque symbol of a naked man’s large anus. Goatse is early internet trauma meme, and for Anonymous, the posting of the members is like leaving a calling card. It is also intended to associate disgust with the GOP.
Along with a banner naming Ted Cruz as the Zodiac Killer, Anonymous made it clear to those who visited the site, they are taking direct fire at America’s growing authoritarianism. The evidence? Two days later, Anonymous took credit for a massive hack of the server and proved it by dumping 180 gigabytes of data from its exploit of the server and its hosting company, Epik.
Epik hosts a myriad of extreme right websites and social media sites. Epik’s CEO Rob Monster refers to himself as a “Christian libertarian” in his bio, and did not respond to comment for this story.
“This seems like the work of some old school hackers, based on the use of inside jokes, who are trying to retaliate against the rise of authoritarianism,” said Steven Monacelli, the independent investigative journalist in Dallas, Texas, who broke the story of the Epik hack. The data was made available to journalists and researchers at ddosecrets.com/wiki/epik.
Epik has been associated with such sites as GAB, InfoWars, Parler, the Daily Stormer, the app QAlerts, and TexasGop.org. Strange optics, that the GOP of Texas would be associated with sites linked to white nationalism and trauma inducing imagery.
Her sherpa in the murky world of Anonymous is Josh Fidel, a technologist dedicated to exposing and combatting the bastardry of the Q’s, and he said: “Epik is the hosting site for alt-right nazis, and theocratic fascists… and anonymizes them so the public can’t see who is behind them.”
“What Anonymous did was went in behind the scenes and ripped out Epik’s last ten year’s of data out and is showing the world who these people are and what they’re doing,” he said. “That could be very troubling for the people who ran those accounts. The world is going to see just what kind of evil lurks in the hearts of men.”
Fidel described Anonymous “as a gigantic toddler with very sharp knives, who you don’t want to piss off, but every now and then they cut the right target.
“They’re feral children, the lost boys of the internet, and and as they grow older, they’re trying to do better.”
Monacelli said the massive leak that has occurred with Epik may help reveal the network topology of the far right, “who is doing what, and where the intersectionality is.
“Whether it will reveal criminal activity is a fair hunch,” he said. “It could trigger some abuse complaints, but all that remains to be seen.”
OSINT researchers are beginning to reveal names linked to unsavory domains. Zev brought us the story on Narativ Live about a pro-Kremlin operative named Charles Bausman, with ties to cult leader Sean Moon, who hosted pre-Insurrection events at his Pennsylvania properties before fleeing to Moscow. Well, Josh Fidel and his team found Bausman-owned sites listed in the Epik dump.
“There will likely be a lot of light shone online revealing the underbelly of the far right that has been shielded from scrutiny until now by Epik’s anonymization of these sites,” said Monacelli. “It may help reveal the early drip of how disinformation is seeded out.”
Monacelli became an independent reporter after working in corporate tech, which he said felt like being a “stormtrooper on the Death Star.”
Both the hack of TexasGop.Org and Epik revealed a technical ineptness by those who appear to be facilitating what appears to be some kind of evil.
The Twitter site that is distributing the domain names and owners appearing on Epik sites, “Epik Fail Data Leaks,” which can be found at @epikfailsnippet, sent Narativ Live the following:
“At the very least, Epik is guilty of the laziest design possible. They should have segmented their user’s data across various databases, utilized multiple access credentials, and only user then should’ve had access to their production application.
“Instead… they charged their customers an additional fee to ‘protect their data’ (via a Domain Add-On from http://Anonymize.com) and when a customer would sign up, Anonymize would assign them a UserID. Unfortunately, Epik chose to use that UserID as the prefix for the domain’s WHOIS registration’s contact email address. Thus, providing the keys to go directly from domain name to ‘anonymous’ domain owner with one line of code.
“It’s clear that Customer Protection was not part of Epik’s culture. This is evident by passwords stored as plaintext and unhashed credit cards with expiration dates in the future.”
Epik’s CEO Monster held a post-breach prayer meeting. Anonymous was on the guest list.