Far-right social network Gab is investigating the alleged theft of 70GB of data containing over 40 million posts from its website.
The hacking group Distributed Denial of Secrets (DDoSecrets) reported the incident on Sunday. The person said to have taken the information goes by JaXpArO and the My Little Anonymous Revival Project. According to DDoSecrets, the data contains public and private posts, along with hashed user passwords, direct messages, and plain text passwords for groups. It also contains over 70,000 messages from over 19,000 chats.
DDoSecrets claimed no responsibility for the hack and said it’s merely reporting it and distributing information to the appropriate parties. It’s also limiting its distribution to journalists and researchers.
The hacker retrieved the information via a SQL injection attack, in which an attacker enters commands in the SQL injection language to an online form or via URL parameters. These attacks, which are part of a general injection attack class listed as the No. 1 form of web application attack by the Open Source Web Application Security Project (OWASP), and attackers have been exploiting them for over a decade.
"We were aware of a vulnerability in this area and patched it last week. We are also proceeding to undertake a full security audit," said Gab CEO Andrew Terba in a blog post about the incident. "We do not currently have independent confirmation that such a breach has actually taken place and are investigating."
Terba added that while the company hashes passwords, it doesn't encrypt them in groups, where passwords "are meant to be shared for users to join with.” The site no longer supports direct messaging functionality, he said.
Gab is an extreme far-right social network launched in May 2017. Paypal, GoDaddy, and Medium all banned Gab after one of its members posted an antisemitic message on the site before killing 11 people at a synagogue in October. Its hosting provider Joyent also booted the site from its servers. Gab later found a home with hosting service Epik.
DDoSecrets posted some analysis of the Gab data and found a marked rise in new Gab users just after Amazon kicked conservative social network Parler off its servers. New users jumped from a little under 50,000 on January 8 to around 450,000 on January 10, the figures show. Parler also suffered a hack in January, and the lone attacker exfiltrated 70 TB of data.
DDoSecrets is a successor to the secrets-leaking site Wikileaks. Active since 2018, DDoSecrets gained notoriety last June for BlueLeaks, the publication of US law enforcement officers’ data.
-
Will the new Safe Harbour deal really protect your data?Analysis Businesses and campaigners react to Privacy Shield, the new EU-US data transfer agreement
-
Gov denies Verify could be used to spy on youNews GDS issues rebuttal to paper claiming identity assurance scheme degrades your privacy
-
Legal scholars plead with MPs over Snooper’s CharterNews Academics sign open letter to stem government-sanctioned data collection
-
Tech giants beg Obama to keep encryption strongNews Apple, Microsoft, Google among 140 tech firms and experts to argue against security back doors
