Far-Right Website Gab Suffers Data Breach in Major Hack
Hacktivist group Distributed Denial of Secrets has claimed responsibility for a data leak affecting the far-right website Gab.
- Gab has reportedly been hacked by Distributed Denial of Secrets.
- Distributed Denial of Secrets says more than 70GB of data has been breached, including Donald Trump’s account on the site.
- Popular among Bitcoin supporters, the right-wing website was briefly closed following a crypto-related scam in February.
Share this article
More problems for Gab: the alternative social media platform appears to have been hacked over the weekend.
Gab Hit by Hack
Gab, a self-styled “Free Speech Social Network” whose user base includes far-right supporters and Bitcoin enthusiasts alike, has reportedly been hacked.
Wired covered the attack Sunday after contacting the hacktivist group Distributed Denial of Secrets (DDoSecrets). The newest section on the group’s website is titled “GabLeaks,” and includes a link to download 70GB worth of data. DDoSecrets says “it includes every private post and many private messages.”
The full description of the files reads:
“70 GB of Gab public posts, private posts, user profiles, hashed passwords for users, DMs, and plaintext passwords for groups in SQL format, along with over 70,000 messages in more than 19,000 chats with over 15,000 users in plaintext format.”
DDoSecrets notes that the dataset has currently only been made available to journalists and researchers. The group’s co-founder, Emma Best, told WIRED that the data includes “pretty much everything” on Gab.
The data was allegedly pulled by a hacker who identifies as JaXpArO (they/them) & My Little Anonymous Revival Project.
Gab CEO Andrew Torba wrote a blog post about an “Alleged Data Breach” on Friday, in which he described an “alleged” attack concerning public and private posts, user profiles, passwords, and private messages. He said that the site had recently suffered a vulnerability and would also be carrying out an audit.
Torba also posted a since-deleted tweet on Sunday, using a transphobic slur to describe an attack on the site. He confirmed that both his and Donald Trump’s accounts had been “compromised.”
Best reposted a link to the post on the Internet Archive.
Gab’s Rocky Year
The DDoSecrets attack is not the only issue Gab has faced recently. In February, the site was briefly taken offline following a Bitcoin-related scam. Some accounts had begun posting Bitcoin wallet addresses in an attempt to extort crypto funds from Gab users.
Gab has seen an influx of new users in 2021 after Twitter banned Donald Trump and other far-right supporters in the wake of the Capitol Hill riot. Many of them turned to Parler, another site that operates in a similar format to Gab, though Amazon Web Service later pulled support for the site.
Trump supporters, QAnon conspiracy theorists, and white nationalists flocked to Gab as a result of the deplatforming. Gab is favored by some Bitcoiners, possibly because of the currency’s association with Libertarianism.
Several other major hacktivist breaches have come to light recently, many of them involving DDoSecrets.
Last month, the group released over 330GB worth of data related to companies in Myanmar following the country’s military coup. DDoSecrets also leaked police data stolen by an Anonymous hacker over the summer. The “BlueLeaks” incident was widely covered in the press and led to the U.S. Department of Homeland Security categorizing DDoSecrets as “a criminal hacker group.”
Crypto Briefing has reached out to Emma Best to request access to the leaked data, pending a response.
Disclosure: The author did not hold cryptocurrencies mentioned in this article at the time of writing.