The dark side of Gab: how the far-right platform was hacked and private data leaked
Gab, the far-right social network that has attracted over 330,000 users since its creation in August 2016, has been hacked and its database leaked online, revealing details of thousands of accounts and hundreds of private messages. The leak includes details such as users’ passwords stored in plaintext; personal information like names, email addresses, postal codes, and countries; and private messages between users.
How did it happen?
Gab got targeted by a group called Dragonfly which claims to have a zero-tolerance policy towards fascist propaganda on social media. The attack happened after Gab reached out to a Vice journalist, who had already been looking into the site. They said they would stop but then proceeded to share what they found with other interested parties online. The hack revealed that not only did the site’s app store inflate its downloads but that it had also been infiltrated by white supremacists using fake profiles. After an in-depth search for domain records and going through the forum posts, we discovered that many within this community were Islamophobic and openly espoused misogyny as well as advocated for Nazi values such as eugenics.
What data did they access?
A Twitter user who has been connected to those responsible for hacking into Gmail accounts in 2016 made a public announcement to claim responsibility for compromising data on the company. The hacker said that they had accessed data stored on their servers, which included access logs and user passwords stored as plain text. Some users may have been compromised by this hack because they used the same passwords across different platforms. However, an individual has not yet reported stolen data being accessed as a result of this security breach.
A user, who has since deleted their account following a wave of criticism from other users on Twitter, announced that they had accessed most of Gab’s database. The announcement included a number of screenshots from an unnamed source that appeared to verify their access. While details about exactly what data was accessed are currently unavailable, we do know that access logs were exposed. This is especially concerning for users who have connected to third-party sites or services via Gab’s API.
Who is responsible?
Gab is a popular social media site for those with far-right leanings. The Gab, Inc. company claims to be the home of free speech online and provides internet users with unfettered access to content even if that content is offensive or controversial. In recent years, this has attracted members from all corners of the political spectrum including those in Britain who were banned from Twitter for abusive behavior and outspoken white supremacists. Many have criticized its founder, Andrew Torba, for allegedly working with people such as Alex Jones, a radio show host well known for pushing conspiracy theories about 9/11 being an inside job or blaming Jews for various world events.
So, what now? Well, we hope that this sheds light on how dangerous these platforms can be. It is up to us to take back our virtual world from these shadowy corners where bigotry flourishes. First things first, as a community, we should hold accountable all companies who want to profit from hate speech (including those with ideologies opposite to that promoted by websites like Gab). This includes pressuring social media networks not to host websites like Gab and making it difficult for them to process credit card transactions. Hosting providers need to do their due diligence in their vetting process for prospective clients so that a service like this does not happen again on their watch.