Published in News

Far-right social media platform hacked

by on02 March 2021


Gab loses passwords and private communications.

The far-right social media platform Gab says a trove of its contents has been stolen in a security breach -- including passwords and private communications.

The WikiLeaks-style group Distributed Denial of Secrets is revealing what it calls GabLeaks, a collection of more than 70 gigabytes of Gab data representing more than 40 million posts.
DDoSecrets says a hacktivist who self-identifies as "JaXpArO and My Little Anonymous Revival Project" siphoned that data out of Gab's backend databases in an effort to expose the platform's largely right-wing users.

Gab patrons, whose numbers have swelled after Parler went offline, include large numbers of Qanon conspiracy theorists, white nationalists, and promoters of former president Donald Trump's election-stealing conspiracies that resulted in the January 6 riot on Capitol Hill.

DDoSecrets cofounder Emma Best says that the hacked data includes not only all of Gab's public posts and profiles -- except for any photos or videos uploaded to the site -- but also private group and private individual account posts and messages, as well as user passwords and group passwords.

"It contains pretty much everything on Gab, including user data and private posts, everything someone needs to run a nearly complete analysis on Gab users and content", Best wrote.

"It's another gold mine of research for people looking at militias, neo-Nazis, the far-right, QAnon, and everything surrounding January 6."

DDoSecrets says it's not publicly releasing the data due to its sensitivity and the vast amounts of private information it contains. Instead, the group says it will selectively share it with journalists, social scientists, and researchers.

According to DDoSecrets' Best, the hacker says that they pulled out Gab's data via a SQL injection vulnerability in the site, a common web bug in which a text field on a site doesn't differentiate between a user's input and commands in the site's code, allowing a hacker to reach in and meddle with its backend SQL database.

Despite the hacker's reference to an "Anonymous Revival Project", they are not associated with the loose hacker collective Anonymous, they told Best, but do "want to represent the nameless struggling masses against capitalists and fascists".

The company's CEO, Andrew Torba, responded in a public statement on the company's blog that "reporters, who write for a publication that has written many hit pieces on Gab in the past, are in direct contact with the hacker and are essentially assisting the hacker in his efforts to smear our business and hurt you, our users".

 

Last modified on 02 March 2021
Rate this item
(0 votes)