Hackers steal 70GB of data from far-right social network Gab
The stolen data contains nearly 100,000 private messages from Gab users
Far-right social network Gab is investigating the alleged theft of 70GB of data containing over 40 million posts from its website.
The hacking group Distributed Denial of Secrets (DDoSecrets) reported the incident on Sunday. The person said to have taken the information goes by JaXpArO and the My Little Anonymous Revival Project. According to DDoSecrets, the data contains public and private posts, along with hashed user passwords, direct messages, and plain text passwords for groups. It also contains over 70,000 messages from over 19,000 chats.
DDoSecrets claimed no responsibility for the hack and said it’s merely reporting it and distributing information to the appropriate parties. It’s also limiting its distribution to journalists and researchers.
The hacker retrieved the information via a SQL injection attack, in which an attacker enters commands in the SQL injection language to an online form or via URL parameters. These attacks, which are part of a general injection attack class listed as the No. 1 form of web application attack by the Open Source Web Application Security Project (OWASP), and attackers have been exploiting them for over a decade.
"We were aware of a vulnerability in this area and patched it last week. We are also proceeding to undertake a full security audit," said Gab CEO Andrew Terba in a blog post about the incident. "We do not currently have independent confirmation that such a breach has actually taken place and are investigating."
Terba added that while the company hashes passwords, it doesn't encrypt them in groups, where passwords "are meant to be shared for users to join with.” The site no longer supports direct messaging functionality, he said.
Gab is an extreme far-right social network launched in May 2017. Paypal, GoDaddy, and Medium all banned Gab after one of its members posted an antisemitic message on the site before killing 11 people at a synagogue in October. Its hosting provider Joyent also booted the site from its servers. Gab later found a home with hosting service Epik.
DDoSecrets posted some analysis of the Gab data and found a marked rise in new Gab users just after Amazon kicked conservative social network Parler off its servers. New users jumped from a little under 50,000 on January 8 to around 450,000 on January 10, the figures show. Parler also suffered a hack in January, and the lone attacker exfiltrated 70 TB of data.
DDoSecrets is a successor to the secrets-leaking site Wikileaks. Active since 2018, DDoSecrets gained notoriety last June for BlueLeaks, the publication of US law enforcement officers’ data.
Activation playbook: Deliver data that powers impactful, game-changing campaigns
Bringing together data and technology to drive better business outcomesFree Download
In unpredictable times, a data strategy is key
Data processes are crucial to guide decisions and drive business growthFree Download
Achieving resiliency with Everything-as-a-Service (XAAS)
Transforming the enterprise IT landscapeFree Download
What is contextual analytics?
Creating more customer value in HR software applicationsFree Download