Distributed Denial of Secrets (DDoSecrets), a self-proclaimed “transparency collective,” claim they have received more than 70 gigabytes of data exfiltrated from social media network Gab.
Gab, which touts itself as “a social network that champions free speech, individual liberty and the free flow of information online” has drawn in various alt-right and far-right users. A hacker was reportedly able to obtain the exposed data through an SQL injection vulnerability in the site, DDoSecrets claims.
Wired, which said they viewed a sample of the data, said that the data appears to include both individual and group profiles for Gab users, as well as hashed account passwords and 40 million public and private posts. These profiles include users’ descriptions and privacy settings, they said.
DDoSecrets said they received the files from someone calling themselves “JaXpArO and my Little Anonymous Revival Project.” The group explained in a statement released to DataBreaches.net, “Distributed Denial of Secrets had no role in the compromise of Gab or any other service, and did not crack any password hashes, use any of the plaintext group passwords, or otherwise compromise anyone’s account,” they wrote.
“Early in the review process, we made the decision to limit the distribution of the dataset to both protect the privacy of innocent Gab users and the integrity of their accounts and private groups,” they said.
Gab CEO Admits Breach
Gab CEO Andrew Torba initially denied the breach in a statement on Gab’s website, but has since acknowledged it occurred in a statement on Twitter (punctuated with a transphobic slur against the group, calling them “demon hackers”).
Torba said the company was aware of a vulnerability “in this area and patched it last week.” The company is also proceeding to undertake a full security audit, he said.
“The entire company is all hands investigating what happened and working to trace and patch the problem,” Torba said in a statement on Feb. 28. He added the leaked passwords were hashed for security.
‘Gold Mine’ for Investigators into Jan. 6 Attack
The breach, which DDoSecrets calls GabLeaks, is aimed at exposing that platform’s most dangerous users, they said. Best opines, turning over the data is in the public interest.
“It’s another gold mine of research for people looking at militias, neo-Nazis, the far right, QAnon, and everything surrounding January 6,” Best told Wired about the trove of data.
Affected users, according to Wired, reportedly include former president Trump, Qanon-sympathetic freshman Congresswoman Marjorie Taylor-Greene, My Pillow CEO Mike Lindell and radio host Alex Jones.
Following the Jan. 6 Capitol attacks, when social media platforms including Twitter and Facebook banned the account of President Donald Trump and some of his most fervent supporters, many of those users flocked to Gab. The same was true after Amazon stopped hosting Parler, a preferred destination for Qanon conspiracy theorists, white nationalists and other alt-right groups.
DDoSecrets Gears Up With Data Leaks
The Gab release is just the latest leak from DDoSecrets, which appears to be ramping up its operations. DDoS secrets has also recently released data exfiltrated from around 120,000 Myanmar corporations in the wake of the military coup against the country’s government, and published a massive leak of law enforcement data, dubbed BlueLeaks, in June.
DDoSecrets is poised to pick up right where WikiLeaks left off, according to a Wired report on the group from last summer. In 2018, they published emails between Russian leaders and oligarchs, and in 2019, they released hacked emails from a London financial firm known for money laundering.