New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

Gab Users Data Posted to DDoSecrets Website

Recent reports reveal that users of the social media platform Gab have had their information leaked by the group DDoSecrets. The Gab platform allows content to be posted without restrictions, and has attracted an increased user base of QAnon conspiracy theory supporters and others looking for a platform to post information since Parler lost its hosting on Amazon’s cloud service. The leaked data consists of private direct messages between Gab users, hashed passwords for user accounts, plaintext passwords for groups, group chat logs, and public posts. When rumors were first starting to spread about a potential breach, Gab representatives attempted to deny it. A short time later, the site went offline and the administrators claimed they were simply dealing with a spam issue. Gab’s CEO Andrew Torba later admitted that the site had been hacked, and stated that the site was vulnerable to an SQL injection attack and a flaw that has now been patched. It was then revealed on the DDoSecrets that a hacktivist identified as “JaXpArO and My Little Anonymous Revival Project” had accessed data from Gab and provided a copy of the data to DDoSecrets. The DDoSecrets site published 70 GB of the data from Gab. 

Analyst Notes

To lower the risk of data breaches, its recommended that necessary security patches are installed routinely and that websites be regularly tested for common vulnerabilities such as SQL Injection attacks. Sensitive data should also remain encrypted and two-factor authentication should be required as well. If a data breach is suspected, it is important to notify affected users.

Sources:
https://www.wired.com/story/gab-hack-data-breach-ddosecrets/

Gab hacked – DDoSecrets leak profiles, posts, DMs, passwords online