The Gab accounts of Donald Trump and Gab’s own CEO are among those “compromised” by a hack of the microblogging service popular among US conservatives and right-wingers. The data is being offered to researchers and journalists.
A 70-gigabyte trove of data dubbed “Gableaks” includes public posts on the platform, but also “private posts, user profiles, hashed passwords for users, DMs, and plaintext passwords for groups,” according to an entity called DDoSecrets. The information was allegedly stolen by a third party and leaked to the group, which operates similarly to WikiLeaks. The leak was described in detail by Wired, which was given access to a sample of the dataset.
Gab is a competitor of Twitter that caters to users who feel their freedom of speech is being unduly restricted by Big Tech. Critics call it a hotbed of far-right extremism that is flourishing thanks to the company policies encouraging user anonymity and a lack of content moderation.
Like its better-known counterpart Parler, Gab saw an influx of new users after Silicon Valley launched a crackdown on undesirable voices in the wake of the January 6 riot at the Capitol. When Parler was effectively deplatformed shortly afterwards, some of its users went to Gab.
The Gableaks trove “contains pretty much everything on Gab, including user data and private posts, everything someone needs to run a nearly complete analysis on Gab users and content,” DDoSecrets cofounder Emma Best told the tech news website. “It’s another gold mine of research for people looking at militias, neo-Nazis, the far right, QAnon and everything surrounding January 6.”
According to Wired, the data in DDoSecrets’ possession was obtained through a technique called “SQL injection,” which tricks a website into executing malicious database commands sent as user input. In a Friday statement, Gab said it was “aware of a vulnerability in this area and patched it last week.” DDoSecrets says the hacking was done by “JaXpArO (they/them) & My Little Anonymous Revival Project.”
After a Wired inquiry about the breach, Gab’s CEO Andrew Torba publicly presumed that the publication was “in direct contact with the hacker and [was] essentially assisting the hacker in his efforts to smear our business and hurt you, our users.” After the story was published, he lashed out at “mentally ill t****y demon hackers” and at DDoSecrets.
“The same people behind this attack targeted law enforcement officers and their family members last summer,” he wrote on Sunday. Torba was apparently referring to ‘Blueleaks,’ the 269-gigabyte trove of internal US law enforcement data that DDoSecrets helped disseminate in June and for which it is best known by the public. He claimed that “the feds are treating them as a criminal hacker organization.”
In its Friday statement, Gab downplayed the importance of the breach, citing its policy of not collecting data that can help identify users and pointing out that the DMs feature was only available on the site for a short period of time. An update on Sunday said the company was “all hands on deck investigating what happened” and implied that the dump of the data was timed with Donald Trump’s speech at the CPAC in Orlando.
Wired said the hashed passwords in the dataset appeared to include those for Donald Trump, Republican ‘QAnon congresswoman’ Marjorie Taylor Greene, controversial MyPillow CEO Mike Lindell and radio host Alex Jones. The latter has the distinction of being deplatformed by tech giants in 2018 in an apparently concerted manner, similar to what happened to Parler this year. Reportedly, neither Wired nor DDoSecrets attempted to crack the hashed passwords, which would allow access to the accounts.
It remains to be seen how much insight into Gab’s user base the leak offers. For one, it helped social media researchers like Max Aliapoulios, who complained that the service was not stable enough for collecting its public posts. The data, he told Wired, may help other companies censor on their platforms the type of speech that Gab allows.