Gab, widely known as a haven for extremists and pro-Trump conspiracy theories, has been badly hacked again.
On Monday, hackers gained access unauthorized access to the social networking site Grab, which supports hate speech and pro-Trump conspiracy theories.
Gab, a haven for pro-Trump conspiracy theories, has been breached
The compromise came after the account of Gab founder and CEO Andrew Torba was hijacked. The unknown hacker left a post that criticizes him for failing to pay an 8 bitcoin ransom to safely get back documents used to verify user identity.
Moreover, that person also accused Torba of not disclosing the full extent of the first breach.
Gab quickly removed the post and went offline. A few hours later, the platform got back online and Torba created a post saying that Monday’s breach was due to site administrators not revoking OAuth2 bearer tokens, which are stored after user success log-in to a site.
“The attacker who stole data from Gab harvested OAuth2 bearer tokens during their initial attack,” Torba wrote.
According to Torba, while their ability to collect new tokens has been patched, they don’t remove all tokens related to the original attack. The hacker took the advantage of these old tokens to post 177 statuses within 8 minutes.
Social network Gab hacked
Gab's failure to remove bearer tokens may have been attributed to two reasons. One is its unfamiliarity with the open-source Mastodon code and the other is an unwillingness to let users encounter the inconvenience of resetting OAuth2 bearer tokens.
The stealing tokens have surprised many people because they were not included in a hacked Gab database posted by the Wikileaks-style website distributed rejected secretly after the breach.
According to the Gab founder, the private account of Pro-Trump was one of the data stolen and publicly released in this recent breach.