It was about a month and a half ago that Twitter and other major social networking platforms banned Donald Trump and other users with far-right views. Many of these users were forced to switch to other platforms, such as Parler and Gab, which were more tolerant of hate speech and misinformation. A few days later, Parler was removed from Amazon's hosting services and went offline. Although it is back now, some of its users moved to Gab, another platform that is also known for its far-right users.
However, it seems that Gab was breached, resulting in the theft of its content, including passwords and private communications.
On Sunday night, the team Distributed Denial of Secrets (DDoSecrets) revealed what it calls "GabLeaks", a collection of more than 70 gigabytes of Gab data, containing more than 40 million posts. DDoSecrets says a self-proclaimed hacktivist, "JaXpArO and My Little Anonymous Revival Project", sent this data from Gab's backend databases in order to expose the platform's far-right users. Those users are proponents of QAnon conspiracy theories and conspiracies about election fraud, supporters of white supremacy, etc.
Emma Best of DDoSecrets says the compromised data includes not just all public posts and Gab profiles (excluding photos or videos), but also private posts and messages, as well as access passwords. "Contains almost all the information about Gab, including user data and private posts, everything one needs to perform a comprehensive analysis of Gab users and content".
DDoSecrets said that it will not post the stolen data on the Internet, but will share it with journalists, social scientists and researchers. Gab CEO Andrew Torba reported the breach on Sunday.
Passwords for private groups are not encrypted, while those for user accounts are hashed, which means that they can remain protected after a breach, but the level of security depends on the hashing scheme and the strength of the underlying password.
It is said that among the users whose hashed passwords have been stolen are Donald Trump, Marjorie Taylor Greene, Mike Lindell and Alex Jones.
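The difference between plaintext, a fast unsalted hash and a salted, slow hash shows up in what a leaked table reveals at a glance. The following is an added example, not code from Gab or from the original article; the accounts are constructed, and the use of PBKDF2-HMAC-SHA256 with this iteration count is an assumption, since the article does not say which hashing scheme Gab used.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts; usernames and passwords are invented.
ACCOUNTS = {"alice": "letmein", "bob": "letmein", "carol": "T7#quiet-Harbor-92"}
ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def store_plaintext(password):
    return password  # stored as-is: a leak discloses it directly


def store_unsalted_sha256(password):
    # Fast and unsalted: equal passwords always produce equal digests.
    return hashlib.sha256(password.encode()).hexdigest()


def store_pbkdf2(password):
    salt = os.urandom(16)  # fresh random salt for every record
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${dk.hex()}"


def verify_pbkdf2(password, record):
    salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))  # constant-time compare


def build_table(store):
    return {user: store(pw) for user, pw in ACCOUNTS.items()}


def users_sharing_a_value(table):
    """Groups of users whose stored values are identical in a leaked table."""
    groups = defaultdict(list)
    for user, value in table.items():
        groups[value].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


if __name__ == "__main__":
    for name, store in [("plaintext", store_plaintext),
                        ("unsalted sha256", store_unsalted_sha256),
                        ("salted pbkdf2", store_pbkdf2)]:
        print(name, users_sharing_a_value(build_table(store)))
```

With a per-record salt, identical passwords no longer collide in the stored table, and every guess against a record costs the full iteration count; a weak password is still weak, which is the second half of the point above.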
The breached data also includes a file, chatlogs.txt, containing private conversations between users.
According to DDoSecrets, the hacker who broke into Gab says he took advantage of a SQL injection vulnerability on the site. Under the name "Anonymous Revival Project", the hacker or hackers behind the breach say they "want to represent the anonymous masses fighting against capitalists and fascists".
The CEO of Gab, Andrew Torba, said the company was aware of the vulnerability and that it fixed it last week. The company also mentioned that the social networking platform does not collect personal information from its users, such as telephone numbers, social security numbers, dates of birth, etc. "DM has only been live for a few weeks and is currently not a feature supported by the site, so if there has actually been a breach in this area, we expect the number of accounts affected to be low", Torba added on Friday, adding that he would inform users about possible new findings.
Although Torba did not confirm the security breach in a statement on Friday, two days later he admitted that both his account and that of Donald Trump had been breached.
"The whole company is investigating what happened and is working to identify and fix the problem", Torba wrote on Sunday.
Gab is the second social networking platform with far-right users to be compromised in recent months. After the attack on the US Capitol in January, other hacktivists breached Parler to download all its public content.
One researcher said that the data leak from Gab is significant. This data, according to him, could offer a window into how users migrate from one service to another when faced with bans or other issues. It could also help with the creation of tools to prevent the spread of misinformation on other sites and platforms. "There is so much hatred, harassment, racism, neo-Nazism on such a site", says the researcher, "data from this could help develop ways to automatically detect this type of content so that other unauthorized parties can remove it immediately."