Posted on March 2, 2021 at 6:44 PM
Andrew Torba, chief executive officer of right-wing social media site Gab, has slammed “demon hackers” who he blamed for breaching the website. The breach allegedly had access to over 70,00 user data and messages.
“My account and [Donald] Trump’s have been compromised,” Torba tweeted on Sunday.
He added that the company has begun an investigation into the matter and try to provide a patch to the issue.
Users’ details safe
According to a report about the hack, JaXpArO and My Little Anonymous Revival Project” carried out the attack which exposed Gab’s users.
The report reveals that a dataset of over 40 million posts was created from private messages of about 15,000 Gab users. This includes user profiles, passwords, and hashed passwords of some users. The attackers allegedly used an SQL injection flaw to steal about 70GB of data.
An activist group named DDoSecrets Collective released the data and stated that it contains some details of the US Capitol violent siege on January 6.
Torba has assured its users that the breach is likely not going to affect them. According to him, users share only a little information with the site. As a result, the small details will not be enough for the hackers to identify the users.
Reporters blamed for the attack
After the US Capitol riots, Facebook, Twitter, and other social media sites banned Donald Trump’s social media accounts. Bans were also placed on some of its notable supporters.
As a result, many of them turned to sites like Gab and Parker, which didn’t follow the much-regulated approach by other sites. They allegedly didn’t do anything to prevent hate speech or the flow of misinformation.
Wired first published the compromise of the Gab data on Sunday. The security research firm contacted Gab about the breach before the latter released a statement confirming the breach.
In a blog post, Gab claimed that reporters who have written many publications on Gab have been contacting the hackers directly before the breach. Torba claimed the reporters have assisted the hackers in several ways, and their assistance allowed the hackers to attack the site.
But Wired denied any claim by Gab or any report linking it to the hackers. The research team also said it had no direct or indirect contact with the threat actors.
Same hackers also attacked law enforcement personnel
Torba also stated that the same hacking group that targeted Gab also targeted some law enforcement personnel and their families last summer.
However, the activist group denied the allegation, adding that the data will be released to journalists and researchers soon.
A member of the activist group stated that the data was a “gold mine of research” for those looking at QAnon, neo-Nazis, militias, and other things about the January 9 siege.
According to the group’s website, the data was a vital sociological resource as well as some records of the statements from groups that encourage an increase in extremist activities.
Gab has drawn large support from conservatives when it distanced itself from the moderation efforts place by Twitter and Facebook on former president Donald Trump.
“The individuals holding us to ransom are extortionists,” Torba also stated, adding that his group doesn’t negotiate with extortionist and have no intention of paying them.
Co-founder of DDoSecrets Emma Best stated that the data was shared with them by a hacktivist who compromised Gab through SQL-injection exploitation. Gab was established in 2016 and claims to be a social network that supports the free flow of information, individual liberty, and free speech.
The popularity of the platform has increased immensely in January at a period when Parler, a similar right-wing site was taken offline after the US Capitol incident.
At the time, threat actors compromised Parler, which exposed them and fingered them as having contributed to the escalation of the incident.