Far-right platform Gab blames 'demon hackers' for security breach

The attackers are sharing information from the far-right site with journalists and researchers

Far-right social media platform Gab said on Sunday that the website had been hit with a security breach, exposing the account of former US President Donald Trump and company CEO Andrew Torba.

"My account and Trump's account were compromised, of course as Trump is about to go on stage and speak," Torba tweeted, just before Trump was due to speak at the annual Conservative Politican Action Conference (CPAC) in Florida.

"The entire company is all hands investigating what happened and working to trace and patch the problem," he added.

https://twitter.com/getongab/status/1366123617847828483?ref\\_src=twsrc%5Etfw

Torba accused 'demon hackers' for the breach, using a transphobic slur to describe the people behind the cyber attack.

On Monday, Torba said that they had received a ransom demand from hackers - $500,000 in Bitcoin - for the stolen data, adding that the company was working with law enforcement agencies on the issue.

"The individuals holding us to ransom are extortionists," Torba wrote.

"We do not pay ransom. We do not negotiate with extortionists. Period."

Torba confirmed claims made by Distributed Denial of Secrets (DDoSecrets) - a WikiLeaks-style transparency group - which stated that it had obtained 70GB data, including Gab users' hashed passwords and their profiles, as well as plaintext passwords for groups.

The group said that it was making the data available to select journalists and researchers, due to privacy concerns.

Emma Best, the co-founder of DDoSecrets, revealed that they received the data from a hacktivist who breached Gab by exploiting a SQL-injection vulnerability in its code.

The dataset included about 70,000 messages in more than 19,000 chats, in plaintext format, DDoSecrets claimed.

Gab, which was founded in 2016, describes itself as 'a social network that champions free speech, individual liberty and the free flow of information online'. The platform has seen a surge in popularity since early January, when similar right-wing site Parler was taken offline following the attacks on the US Capitol. Hackers also breached Parler, releasing the information to help authorities track down those associated with the attack on the 6th January.

Following the US Capital attacks, Twitter, Facebook and other social media platforms banned the accounts of Donald Trump and some of his supporters. Many of those digital refugees flocked to sites like Parler and Gab, which took a hands-off approach to content moderation. In practice, this allowed hate speech and disinformation to flow freely.

Wired was first to publish the Gab data breach on Sunday, claiming that the Gab breach is the work of a hacker known as 'JaXpArO and My Little Anonymous Revival Project'.

When Wired asked Gab about the alleged data breach, CEO Torba published a blog post, claiming 'reporters, who write for a publication that has written many hit pieces on Gab in the past, are in direct contact with the hacker and are essentially assisting the hacker in his efforts to smear our business and hurt you, our users'.

Wired rejected Torba's accusations, stating that their reporter has had no contact with the hacker.

Torba said in the blog post that the platform collects very little personal information from its users, and in the event of a data breach, "it is entirely possible for a user of the site to be unidentifiable based on the information they provide at login".