Hackers break into the right-wing extremist social network Gab and collect a lot of private data


Do you remember when archivists collected every post on the conservative Parler social media platform earlier this year?

Something similar happened to another right-wing online platform, Gab, when hackers claimed they had broken into the social media site. But this intrusion is worse.

On Sunday, a hacktivist collective called DDoSecrets (Distributed Denial of Secrets) announced “GabLeaks,” over 40 million posts that the hackers claim they pulled off the platform. The archive contains not only public profiles and posts, but also posts and messages from private accounts, private groups, group passwords, and some hashed user passwords.

The entire leak consists of more than 70 gigabytes of data and was provided to DDoSecrets by a hacker from “JaXpArO and My Little Anonymous Revival Project”.

“It contains pretty much everything about Gab … everything anyone could need to do a near-complete analysis of Gab users and content,” said Emma Best, co-founder of DDoSecrets, in a statement to WIRED that first came across the Hack reported. “It’s another research goldmine for people looking at militias, neo-Nazis, the far right party, QAnon, and everything related to January 6th.”

Gab is a social network known for hosting extremists. The user base is widely viewed as even more far-right than Parler’s.

Andrew Torba, the founder and CEO of Gab, originally denied collecting such data and questioned the legality of the breach when news of the possible leaks spread over the weekend. Torba has since changed its declaration and called DDoSecrets a “demon hacker” (including transphobic insults). He claims the company has now got law enforcement involved.

In many ways, this hack is much bigger than what Parler’s archivists were able to pull out. The poorly coded site, which only came back online a few weeks ago after booting from Amazon’s hosting service, had an exploit. The vulnerability uncovered by a developer allowed them to easily remove all data from the platform via public links.

However, Gab was actually injured. Best informs WIRED that hackers discovered a SQL injection vulnerability on the platform that allowed them to access the site’s backend database. However, unlike Parler, the hackers were unable to retrieve Gab’s photos and videos.

When Parler’s data was retrieved earlier this year, the treasure trove of information gave a glimpse into the January 6 riot that wasn’t available anywhere else on major social media websites. After Parler went offline in January, many of its users migrated to Gab. It is possible that there will be even more to discover in these GabLeaks on January 6th.

Due to the “sensitivity” of the data, DDoSecrets do not publicly mark the leaks. However, the group will provide access to the data to legitimate researchers and journalists upon request.