The founder of far-right social media platform Gab said former President Donald Trump’s private account was among the data stolen and made public by hackers who recently hacked into the site.
In a statement on Sunday, founder Andrew Torba used a transphobic slur to refer to Emma Best, the co-founder of Distributed Denial of Secrets. The statement confirmed claims the WikiLeaks-like group made Monday that it had obtained 70GB of passwords, private messages and more from Gab and made them available to selected researchers and journalists. The data, Best said, was provided by an unidentified hacker who hacked into Gab by exploiting an SQL injection vulnerability in his code.
“My account and Trump’s have been compromised, of course because Trump is about to go on stage and speak,” Torba wrote on Sunday as Trump was about to speak at the CPAC conference in Florida. “The entire company is all hands-on investigating what happened and working to identify and resolve the issue.”
An important data set
GabLeaks, as DDoSecrets calls the leak, comes nearly eight weeks after pro-Trump insurgents stormed the US Capitol. The rioters captured hundreds of thousands of videos and photos of the siege and posted them online. Mainstream social media sites have removed much of the content because it violates their terms of service.
“The Gab data is an important but complicated data set,” DDoSecrets employees wrote in a message Monday morning. “Not only is it a corpus of public discourse on Gab, it also contains every private message and many private messages. In a simpler or more ordinary time it would be an important sociological resource. In 2021 it is also an account of the culture and the exact explanations surrounding not just an increase in extremist views and actions, but an attempted coup.”
Gab and a competing site called Parler were some of the last refuges that kept much of the content publicly available. Amazon and web hosting providers later cited a lack of adequate content moderation in suspending the service to Parler.
Shortly before the formwork, however, someone found a way to use Parler’s publicly available programming interfaces to scrape about 99 percent of the site’s user content and then make it publicly available.
While law enforcement groups likely had other ways to obtain the Parler data, its public availability allowed a much larger group of people to conduct their own investigations and investigations. The leak was especially valuable because materials contain metadata that is usually removed before users can download videos and images. The metadata gave people the ability to track the precise timelines and locations of filmed participants.
DDoSecrets said the 70GB GabLeaks contains more than 70,000 plain text messages in more than 19,000 chats by more than 15,000 users. The dump also shows passwords that have been “hashed”, a cryptographic process that converts plain text into unintelligible characters. While hashes cannot be converted back to plaintext, cracking them can be trivial when websites choose weak hash schemes. (Best told Ars they didn’t know which hash scheme was being used.) The leak also includes plain text passwords for user groups.
Hate speech haven
Gab has long been criticized as a haven for hate speech. In 2018, Google banned the Gab app from the Play Store for a violation of its terms of service. A year later, web host GoDaddy terminated service to Gab after one of its users took to the site to criticize the Hebrew Immigrant Aid Society shortly before killing 11 people at a synagogue in Pittsburgh.
Gab is also under investigation by the Pennsylvania Attorney General. In January, the Anti-Defamation League called on the US Department of Justice to investigate Gab for his role in the insurgent attack on the Capitol.
Attempts to reach Torba for comment failed.
Best said DDoSecrets makes GabLeaks available only to journalists and researchers with a documented history of covering leaks. People can request access via this link.