The founder of far-right social media platform Gab said that former President Donald Trump's private account is among the data stolen and publicly released by hackers who recently breached the site.
In a statement on Sunday, founder Andrew Torba used a transphobic bow to refer to Emma Best, the co-founder of Distributed Denial of Secrets. The statement confirmed that the WikiLeaks-style group received 70GB of passwords, private posts and more from Gab on Monday and made them available to selected researchers and journalists. The data was provided by an unidentified hacker who breached Gab by exploiting a SQL injection vulnerability in his code, according to Best.
"My account and Trump's account were compromised, of course when Trump wants to go on stage and speak," Torba wrote on Sunday when Trump wanted to speak at the CPAC conference in Florida. "The entire company is in all hands to investigate what happened and to find the problem and fix it."
An important record
"The Gab data is an important but complicated set of data," DDoSecrets staff wrote in a post on Monday morning. "Not only is it a corpus of public discourse about Gab, but it also includes every private contribution and many private messages. In a simpler or more ordinary time, it would be an important sociological resource. In 2021, it is also a record of culture and the exact." Statements that not only concern an increase in extremist views and actions, but also an attempted coup. "
Gab and a competing site called Parler were some of the last few havens that allowed much of the content to remain publicly available. Amazon and web hosting providers later pointed to a lack of adequate moderation of content when discontinuing the service for Parler.
However, just prior to the shuttering, someone found a way to use Parler's publicly available programming interfaces to remove about 99 percent of user content from the website and then make it publicly available.
While law enforcement groups likely had other ways of obtaining the Parler data, its public availability enabled a much larger group of people to conduct their own research and investigation. The leak was particularly valuable as materials contained metadata that was usually removed before users could download videos and images. The metadata gave people the ability to keep track of the exact schedules and locations of the filmed attendees.
According to DDoSecrets, GabLeaks of 70 GB contains over 70,000 plain text messages in more than 19,000 chats from over 15,000 users. The dump also shows passwords that are "hashed", a cryptographic process that converts plain text into unintelligible characters. While hashes cannot be converted back to plain text, cracking hashes can be trivial when websites choose weak hashing schemes. (Best of all, Ars said they didn't know what hashing scheme was being used.) The leak also includes clear text passwords for user groups.
Haven of hate speech
Gab was also investigated by Pennsylvania's attorney general. In January, the Anti-Defamation League called on the US Department of Justice to investigate Gab's role in the insurgent attack on the capital.
Attempts to reach Torba for comment were unsuccessful.
Best said DDoSecrets only makes GabLeaks available to journalists and researchers with a documented history of leak coverage. This link allows users to request access.