On the one hand, I guess we should possibly be concerned about broader implications for internet security for the rest of us (unless Epik’s security was uniquely bad?). On the other hand, this is fantastic and hilarious, and will likely result in some significant good in the world. (She says, hopefully, while also remembering the minimal impact of similar-ish data dumps such as the Panama Papers.)
posted by eviemath at 3:30 PM on September 21, 2021 [13 favorites]

This is the information age-equivalent of punching Nazis, and I'm all for it. Especially since most of these Nazis continue to act out in violent ways against civil society, using technology to coordinate their activities. Anything that slows them down and makes their lives more difficult seems like a net good for everyone, in the long run.
posted by They sucked his brains out! at 3:35 PM on September 21, 2021 [39 favorites]

Thanks for the round up. I've been following this on the side just marveling at it all. So fucking dumb, just mindbogglingly lazy and terrible. I'm so grateful to the hackers for all the work, and just so excited for all these terrible, lazy, stupid, nazi pieces of shit to be outed to each other for the dumb marks they are.
posted by Uncle at 3:36 PM on September 21, 2021 [4 favorites]

unless Epik’s security was uniquely bad

I don't know about uniquely, but it's definitely bad practice to store sensitive information insecurely. It's not surprising, however, that the kind of idiots who buy into right-wing nonsense might also be the kind of idiots to be bad at other things, like running a domain registrar or perhaps tying their own shoes. If you had asked me prior to this incident whether I thought Epik was more or less likely than $AVERAGE_REGISTRAR to suffer a data breach, I definitely would've said "more likely."
posted by axiom at 3:36 PM on September 21, 2021 [10 favorites]

Unfortunately, none of this info will prompt any meaningful repercussions. We’re at a point where these people can just shrug and keep on naziing.
posted by Thorzdad at 3:46 PM on September 21, 2021 [4 favorites]

I got an alert through Firefox monitor that my email and phone number appeared in the Epik breach. AFAIK, I have never subscribed to any Epik services and can't find reference to it in 12 years of emails. Anyone know if they subsumed another provider or went under another name?
posted by Thella at 3:47 PM on September 21, 2021 [1 favorite]

subscribed to any Epik services and can't find reference to it in 12 years of emails. Anyone know if they subsumed another provider or went under another name?
I believe the relevant part to this that, for unclear reasons, they scraped WHOIS data and stored it, so if you owned a domain there's a chance your data's *also* in there.
posted by CrystalDave at 3:49 PM on September 21, 2021 [10 favorites]

Epik CEO Rob Monster (sic) responded via a video call

I'm not a crisis response advisor, but I'm going to go out on a limb and say of all the things an executive should do post-breach (sorry "while the matter is under investigation"), I'm just going to say getting on what appears to be a video call with an unmoderated chat channel, and respond to questions in real time from internet randoms for over three hours is not one of those things. The transcript of that video is here

To say that transcript goes off the rails is short selling it. I'll go out on a limb again and say legal counsel wasn't involved - extract of a hot mess below.

Unidentified: I bet God could create technology that couldn’t be hacked.

Rauhauser: The problem is… what Kirt has said there is sort of the philosophical view. And I think it’s true, everything can be hacked. But the question is, do you have the time, the money, enough matter in the universe to convert into computing power in order to do it? And the goal…

HF: And amphetamines, Neal. Amphetamines.

Rauhauser: Yeah, okay, that might be a consideration…

Unidentified: That’s true, the stimulants, they definitely do help out.

Unidentified: Can I just say? Cocaine, hell of a drug, bro.

Unidentified: Facts.

Monster: [reading the chat, not visible] Hellbat wants to know, [crosstalk] what do I know about gematria. Do you guys know about gematria? It’s kind of interesting.

Unidentified: Amphetamines are just the natural way to go, you know?

Unidentified: Yeah, it’s some kind of woo woo bullshit.

Monster: I think it’s kind of fascinating. The universe is defined by a lot of math. You look at the music and tones…
posted by inflatablekiwi at 3:55 PM on September 21, 2021 [30 favorites]

God I could quote that transcript all day long. I mean over two hours in the most burning question arises........WHERE IS CHAD? WHO HAS SEEN CHAD?

Monster, 2:20:16: [reading the chat. Full question in chat was from “Frustrated Customer”: “Are you fixing the hack or not”] Frustrated Customer, yeah, so… are we fixing the hack? I don’t believe there was a hack of our core system, I believe that somebody got access to an old backup. We already talked about it.

Monster, 2:20:32: [reading the chat. Full question in chat was from “Frustrated Customer”: “What is the point of this call??? What are you hoping to achieve here???”] “the point of this call…” The point of this call was actually to get Chad to come online to talk to me in a minute(?) but I haven’t seen Chad. Anybody seen Chad? I haven’t seen Chad. Who even knows Chad but Steven Bolton?
posted by inflatablekiwi at 4:01 PM on September 21, 2021 [9 favorites]

The lists of domain names are interesting and I think, a little illuminating. Like some people buy up the domains that they think their opponents will want -- e.g. cancelpolice, socialjusticeunited -- and some people buy up the domains for their own propaganda/misinformation efforts -- e.g. holocaust-truth.
posted by spamandkimchi at 4:04 PM on September 21, 2021 [3 favorites]

I got an alert through Firefox monitor that my email and phone number appeared in the Epik breach

Me too. I definitely didn't provide those on purpose to any Nazi-affiliated sites. But I don't know what all Epik hosted, presumably there's some innocuous stuff (or a gamer site, ugh) which could have been involved. To CrystalDave's point my contact info has been in whois records in the past when I was young and foolish.

The resolve this breach advice Mozilla offered is very generic. Note you said "email and phone number" but there's nothing to indicate it's necessarily both. My guess is my own record is email only, but I can't be sure. My email address is in no way a secret so I'm not particularly concerned.
posted by Nelson at 4:07 PM on September 21, 2021

"Unidentified: I bet God could create technology that couldn’t be hacked."

You need Arisians.
posted by Nancy Lebovitz at 4:08 PM on September 21, 2021 [4 favorites]

Ok last one I promise - I can't stop reading the transcript. Just the most amazing thing I've ever read....just wow.....

Monster, 2:59:00: And then Wikipedia! Those of you who think Wikipedia is anything other than propaganda, you’re…
Unidentified: He’s just fucking around talking about it. Did he like apologize for getting everybody’s fucking data? Or is he just rambling like a fucking idiot?
Monster: Uh, no. No, no, no, not like a fucking idiot.
Unidentified: Oh, you can hear me?
Monster: I can.
Unidentified, 2:59:22: You fucking clown.
posted by inflatablekiwi at 4:19 PM on September 21, 2021 [68 favorites]

I was driving today and got passed by a black Jeep Wrangler with angry eyes and a SS totenkopf skull sticker on it. My turn-off was right then so I don't know what happened to them after that but I hope it was bad.
posted by glonous keming at 4:21 PM on September 21, 2021 [10 favorites]

Can I point out that just the name Rob Monster for GOP dominated misinformation sources is on point and on brand. The schadenfreude is just... so... perfect.
posted by Nanukthedog at 4:29 PM on September 21, 2021 [9 favorites]

I'm not sure I have it in me to read that transcript myself but I vote in favor of sharing more hilariously weird snippets.
posted by biogeo at 4:36 PM on September 21, 2021 [17 favorites]

Skimming around in that transcript... wow, things got really weird. At the end he's talking about washing oneself in the blood of Christ and building a fintech site for orphans... WTF, dude?
posted by Saxon Kane at 4:41 PM on September 21, 2021

I vote in favor of sharing more hilariously weird snippets

Yes, by all means, this is an appropriate place to document and archive those highlights!
posted by Rash at 4:43 PM on September 21, 2021 [2 favorites]

Ten year old vulnerability, unpatched even after being warned, and they're a domain registrar! Clowns.
posted by rdr at 4:43 PM on September 21, 2021 [10 favorites]

So the honest truth is that I’m sitting in the car park of a mental health institute here in Utah awaiting the 20 minute daily visitation I get with a relative who is in crisis. So reading the transcript and quoting here is helping me with the stress. I have to go do that visit now but this…..this gave me the biggest laugh I’ve had all week….


Monster: Alright. Well if you’re gonna masturbate, just turn the audio off okay, because I don’t really want to hear it.

Unidentified: Yeah you do.

Monster: No, I don’t really get off on it.

Unidentified: Yeah you do. That’s why you’re talking about it.
posted by inflatablekiwi at 4:55 PM on September 21, 2021 [37 favorites]

I got an alert through Firefox monitor that my email and phone number appeared in the Epik breach

I've heard (from random Fediverse people, so YMMV) that Epik was scraping a lot of data from other sites (e.g. contact details for domains registered with other registrars) so it's likely that that's how your info got there.
posted by suetanvil at 4:57 PM on September 21, 2021

Rob Monster? Really? Really?

I suppose there’s a Jeremy Redbull somewhere. And an Emily Joltcola. Jeremy’s a Nazi fuck too, but Emily, she’s good people.
posted by Don.Kinsayder at 5:04 PM on September 21, 2021 [7 favorites]

At the end he's talking about washing oneself in the blood of Christ and building a fintech site for orphans...

I mean, it's probably better that than vice-versa...
posted by quizzical at 5:10 PM on September 21, 2021 [19 favorites]

my email and phone number appeared in the Epik breach

Me too. From have i been pwned?: In September 2021, the domain registrar and web host Epik suffered a significant data breach, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.
posted by not_the_water at 5:12 PM on September 21, 2021 [3 favorites]

Unidentified: He’s just fucking around talking about it. Did he like apologize for getting everybody’s fucking data? Or is he just rambling like a fucking idiot?
Monster: Uh, no. No, no, no, not like a fucking idiot.
Unidentified: Oh, you can hear me?
Monster: I can.
Unidentified, 2:59:22: You fucking clown.

Just this bit alone has cleared my skin, watered my crops, improved my grades & given me life. I love it so much. I'm so in love with this I'm going to do a bad Metafilter tag.
Metafilter: Oh, you can hear me? You fucking clown.
posted by bleep at 5:36 PM on September 21, 2021 [55 favorites]

I need a cigarette.
posted by hototogisu at 5:44 PM on September 21, 2021 [2 favorites]

Don't forget that weev showed up in the press conference and showed off his swastika tattoo and Monster sent him "much love"
posted by Uncle at 5:48 PM on September 21, 2021 [6 favorites]

Rob Monster? Really? Really?

To be fair, Rob Zombie was already registered.
posted by inflatablekiwi at 6:15 PM on September 21, 2021 [15 favorites]

As of about 45 minutes ago, there appear to be some ongoing developments concerning the non-customer data that Epik had stored (and was also compromised): "We have checked at least 10 different email addresses that received alerts from @haveibeenpwned and not one of them has been in the datasets that mirror public datasets, like WHOIS data."

Anyway, for those here for the transcript "best-ofs", here are a few of my favorites:

Monster, 0:35:56: So July 2018, I’m kind of in this boardroom struggle with the group that was running the company at the time, and we go on vacation, cruising in the Mediterranean, like around August 17. Middle of the Mediterranean underneath a Persian meteor shower and I’m looking up at the sky. Beautiful, clear night, like endless stars, and I have absolute clarity that the Lord is going to need a registrar. It’s the closest thing to a calling I’ve ever experienced.

Monster, 0:42:00: No no no, let me finish, let me finish the story, and then I’m going to come to Steve’s question. Right, fair? Alright. So… I’m the moderator. But I promise I will listen to everybody. I will not leave until all your questions are answered. We can go all night. It’s okay. My wife and daughter are in Austin so I have the house to myself. If the dog has to pee he’s got a diaper on.

Monster: [mutes self, continues speaking]

Monster, 1:34:19: So yeah, I feel terrible. Yesterday was, I tell you. I weeped. We actually had, craziest thing. So I had a call at five in the morning, got up at 4:40 in the morning for this 5am call, the cybersecurity group. And this cybersecurity group gave us a briefing. And then after that, our guy in South Africa [...] He’s like “Rob, we need a meeting. We need this prayer meeting.” I was like, “alright, then do it”. And so he convenes a meeting, he explains to me how it’s going to go. Five guys [...] We have this hour and fifteen minute meeting, courts of heaven, throne room, total get-it-done, break every curse… I mean, I am not gifted on that level, I know how to pray but this was on another level. And I’m telling you, there were curses put on these datasets, and not out of spite. I’m just saying that it was done. I’m just giving you a heads up. There are curses. Laptops will burn. Hard drives will burn.

Unidentified: Do you have any discount codes like the MyPillow guy?
Monster, 1:41:41: Yeah well, so for example, .com transfer now is $6.99 for unlimited .com transfer. I would encourage you to check that out.

Monster: But we also… anybody who wants to have a self-hosted instance of Jitsi on your own domain name, Epik will set it up for you, and we don’t charge much. We haven’t commercialized it as a product. But if you want help setting up your own, you can do that. Looks like Catgod is now the moderator.
Unidentified: Oh God. Oh no.
Kirtaner: Catgod! Be a benevolent god!
Rauhauser, 3:19:31: Whoever wrote this scene, Hollywood’s not gonna buy it.

Unidentified: It’s just like saying you’re a fan of anarchosyndicalism because you like Noam Chomsky or something.
Unidentified: I just like narcotics, bro.

posted by Kadin2048 at 7:01 PM on September 21, 2021 [24 favorites]

Ten years ?!? How does have a company that launched in the last couple of years have an unpatched 10 year old vulnerability. It's like they went out of their way to get a buggy version of the system. This has got to be some flavour of malicious compliance or double agent attack from within right?
posted by Mitheral at 7:14 PM on September 21, 2021 [2 favorites]

I've never heard of Rob monster before today, but I'm genuinely wondering if the dude is okay.
posted by Jacen at 7:38 PM on September 21, 2021 [4 favorites]

I love the bit where they think they're too good at their job to be hacked?? "We're not so stupid to allow that to happen"? delicious.

Ten years ?!? How does have a company that launched in the last couple of years have an unpatched 10 year old vulnerability. It's like they went out of their way to get a buggy version of the system. This has got to be some flavour of malicious compliance or double agent attack from within right?

You're underestimating how easy it is to be bad at managing software responsibly, especially if you already have brain rot. It's just a guess, but I think that Epik is probably staffed with a lot of people who decided to get into tech due to Freedom of Speech ideals. Not really the folks known for due diligence and risk management.
posted by snerson at 7:42 PM on September 21, 2021 [8 favorites]

Ten years ?!? How does have a company that launched in the last couple of years have an unpatched 10 year old vulnerability. It's like they went out of their way to get a buggy version of the system. This has got to be some flavour of malicious compliance or double agent attack from within right?

You've never worked in business software/IT, have you?
posted by Alterscape at 10:58 PM on September 21, 2021 [21 favorites]

Ugh, on failure to preview, snerson explained what I was trying to explain, more clearly and with less mis-interpretable snark. I maintain that this is bad, worse than anything anyone I know has witnessed, but not like, orders of magnitude worse. Security is hard. Security is extra hard if people see it as a cost center and/or don't care, and/or think they're too smart.
posted by Alterscape at 11:00 PM on September 21, 2021 [5 favorites]

MetaFilter: If the dog has to pee he’s got a diaper on.
posted by chavenet at 1:04 AM on September 22, 2021 [6 favorites]

I think that Epik is probably staffed with a lot of people who decided to get into tech due to Freedom of Speech ideals.

The disingenuous white-supremacist version, where they're actually only in favor of freedom of speech when they are expressing contempt for other people that they hate. When women, Jews, queer folk, bipoc folk are trying to participate and exist in the public sphere, let alone exercise their own ability to speak, white supremacists exercise a variety of tactics from hacking, shouts of contempt, to murder. Cue Sartre:

Never believe that anti-Semites are completely unaware of the absurdity of their replies. They know that their remarks are frivolous, open to challenge. But they are amusing themselves, for it is their adversary who is obliged to use words responsibly, since he believes in words. The anti-Semites have the right to play. They even like to play with discourse for, by giving ridiculous reasons, they discredit the seriousness of their interlocutors. They delight in acting in bad faith, since they seek not to persuade by sound argument but to intimidate and disconcert. If you press them too closely, they will abruptly fall silent, loftily indicating by some phrase that the time for argument is past.

The instant these chucklefucks have the ability, they squelch the freedom of speech rights of their victims. Any invocation of freedom of speech is just trolling and trying to invoke a claim of hypocrisy when we shut them down.

Tldr: punch the nazi.
posted by sebastienbailard at 2:13 AM on September 22, 2021 [56 favorites]

> I've never heard of Rob monster before today, but I'm genuinely wondering if the dude is okay.

Well, he's a Nazi.

I mean, I know what you mean, but he's literally a Nazi.
posted by at by at 4:41 AM on September 22, 2021 [19 favorites]

what do I know about gematria. Do you guys know about gematria? It’s kind of interesting.

Is Jewish mysticism big in the nazisphere of 2021?
posted by acb at 5:40 AM on September 22, 2021 [2 favorites]

On the transcript,t hat guy comes across as unhinged and in no position to be actually managing a data network.
posted by Dip Flash at 6:06 AM on September 22, 2021

Is Jewish mysticism big in the nazisphere of 2021?

Indiana Jones in Raiders of the Stupidest Timeline, starring Rob Monster as the bumbling Nazi religious expert who accidentally opens the Ark of Anonymous, which melts down the whole online Nazi crew.
posted by inflatablekiwi at 6:21 AM on September 22, 2021 [11 favorites]

sebastienbailard, you are entirely correct, and that was a worthy addendum. I rarely see Freedom of Speech discussed as anything other than a fig leaf for bullying, especially in the context of these assholes, but it is important to remember that their conception / use of the concept is a perversion.

tldr punch the nazis indeed.
posted by snerson at 7:52 AM on September 22, 2021 [2 favorites]

Is Jewish mysticism big in the nazisphere of 2021?

Weren't Hitler & Co obsessed with all sorts of mystic traditions, including (and perhaps especially) Jewish ones? That was my impression
posted by Saxon Kane at 9:29 AM on September 22, 2021

I think Nazi interest in occultism has been exaggerated in media (in films alone we have Indiana Jones, Hellboy, through to Marvel's Red Skull). Their interest wasn't necessarily zero (depending on what you include in your ideas of occultism/mysticism; certainly many of the ideas of the Volkisch movement have mystical/mythological ties) but "obsession" seems to overstate the case.
posted by axiom at 10:15 AM on September 22, 2021 [1 favorite]

"Nazism was the moment when the spirit of magic seized the helm of material progress. Lenin said Communism was socialism plus electricity. In a sense, Hitlerism was Guenonism plus armored divisions."

-Pauwies and Bergier, Le matin des magiciens, Paris, Gallimard, 1960

So, if the interest in occultism has been exaggerated in the media, that phenomenon is quite a bit older than the Indiana Jones movies, and historically there's always been a lot of intersection - arguably a necessary or inevitable overlap, given that they're very similar veins of quasi-magical belief - between the believers of symbol-heavy occultism and those of blood-and-soil authoritarian politics.
posted by mhoye at 10:28 AM on September 22, 2021 [3 favorites]

This potentially should be its own FPP (and I'd be happy to work on one if that's the general consensus), but there is a second thread to this whole story that's been moving along in parallel, and that's about a particular client of Epik's, who was/is using their platform to "dox", threaten, and harass people they don't like, especially journalists.

Joseph "JoJo" Camp (aka YourDaddyJoey) ran the doxing website "antifafiles.com", which seems to have particularly targeted left-leaning journalists writing about rightwing (esp. Proud Boys) violence. Steven Monacelli, who broke the news of the Epik hack, and Alissa Azar have both both targeted.

Camp's dossier-style page on Monacelli (which I will not link to) contains his full name, email addresses, home and business addresses, cell phone number, car license plate number, and what appear to be his immediate family's names and addresses as well. It previously contained screenshots of personal messages purportedly showing Monacelli to be a "sex pest", but appeared to be the result of multiple "honey trap" interactions where he was solicited for personal photos by people posing as women personally interested in him.

There are also reports that Monacelli was sent video taken during a break-in inside his own home, and that Camp or one of his fellow-travelers was able to obtain a Texas Temporary Restraining Order (TRO) against Monacelli, in order to force him to surrender a firearm to police, and then posted about the fact that he was "unarmed".
posted by Kadin2048 at 11:51 AM on September 22, 2021 [10 favorites]

The transcribed exchange with R-o-c-c-o the beaver-fucking-nurse is not to be missed.
Are you Christlike?
posted by snuffleupagus at 1:52 PM on September 22, 2021

If we're talking about films about Nazis and the occult, let's not forget Michael Mann's bizarre movie The Keep.

Anyway, my sense of Nazi interest in the occult was not that they thought it was "real" in the sense of, I don't know, trying to create an army of golems. But there's a certain mysticism at the heart of the fascist mythos, and their interest in the occult was more about the psycho-social bonds that such belief systems could generate. But, yeah, pop culture has overstated the case, I guess.
posted by Saxon Kane at 4:03 PM on September 22, 2021 [2 favorites]

new epik leak just dropped

Now, the hacktivist collective says it has leaked “several bootable disk images of assorted systems” in a roughly 70GB torrent file.

...

“Files are one thing, but a virtual machine disk image allows you to boot up the company’s entire server on your own,” he said. “We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving.”

The data includes API keys and plaintext login credentials for not only Epik’s system but for Coinbase, PayPal, and the company’s Twitter account.

as much as i tend to give anonymous sideeye and love the ridiculous elementary version "everyone", i gotta say.

great work guys, dew uh bear rille role
posted by i used to be someone else at 1:50 PM on September 29, 2021 [1 favorite]