The founder of the far-right social media platform Gab said that former President Donald Trump’s private account was among the stolen and publicly released data by hackers who recently breached the site.
In a statement on Sunday, founder Andrew Torba used transphobic language to refer to Emma Best, the co-founder of Distributed Denial of Secrets. The statement confirmed claims that the WikiLeaks-style group made on Monday that it obtained 70 GB of passwords, private posts and more from Gab and was making them available to selected researchers and journalists. The data, Best said, was provided by an unidentified hacker who breached Gab by exploiting an SQL injection vulnerability in his code.
“My account and Trump’s account have been compromised, it is clear that Trump is about to take the stage and speak,” wrote Torba on Sunday when Trump was about to speak at the CPAC conference in Florida. “The entire company is investigating what happened and working to track and correct the problem.”
An important data set
GabLeaks, as DDoSecrets is calling the leak, comes almost eight weeks after pro-Trump insurrectionists invaded the United States Capitol. Protesters took hundreds of thousands of videos and photos of the siege and posted them online. Major social media sites removed much of the content because it violated their terms of service.
“Gab’s data is an important but complicated data set,” wrote DDoSecrets officials in a post on Monday morning. “In addition to being a corpus of public discourse about Gab, it includes all private posts and many private messages as well. At a simpler or more current time, it would be an important sociological resource. In 2021, it is also a record of culture and the exact statements surrounding not only an increase in extremist views and actions, but an attempted coup. “
Gab and a competing website called Parler were some of the last havens that allowed much of the content to remain publicly available. Amazon and web hosting providers later cited the lack of adequate content moderation when suspending the service for Parler.
Just before closing, however, someone found a way to use Parler’s publicly available programming interfaces to extract about 99% of the site’s user content and then make it publicly available.
Although law enforcement groups probably had other ways of obtaining Parler data, their public availability allowed a much broader body of people to do their own research and investigation. The leak was especially valuable because the materials contained metadata that is usually removed before users can download videos and images. Metadata has given people the ability to track the timelines and precise locations of filmed participants.
DDoSecrets said that the 70 GB GabLeaks contains more than 70,000 simple text messages in more than 19,000 chats by more than 15,000 users. The dump also displays passwords with “hash”, a cryptographic process that converts plain text into unintelligible characters. Although hashes cannot be converted back to plain text, breaking them can be trivial when websites choose weak hash schemes. (Best told Ars that they didn’t know which hashing scheme was used.) The leak also includes plaintext passwords for groups of users.
Hate speech paradise
Gab has long been criticized as a haven for hate speech. In 2018, Google banned the Gab app from its Play Store for terms of service violations. A year later, host GoDaddy ended the service for Gab after one of his users accessed the site to criticize the Hebrew Immigrant Aid Society just before killing 11 people in a Pittsburgh synagogue.
Gab was also investigated by the Pennsylvania attorney general. In January, the Anti-Defamation League asked the United States Department of Justice to investigate Gab for his role in the insurrectionary attack on the capital.
Attempts to contact Torba for comment were unsuccessful.
Best said DDoSecrets is making GabLeaks available only to journalists and researchers with a documented history of leak coverage. People can use this link to request access.