Parler hacked as attackers claim access to messages, locations and videos

Parler hacked as attackers claim access to messages, locations and videos

January 11, 2021

Hackers are claiming they have gained access to vast amounts of data from Parler, the far-right social media platform, before it was taken down.

Over the weekend, the Parler app was blocked from both the Android and iOS app stores.

This was followed by the company losing its website after Amazon stopped supporting it on its AWS cloud platform.

But attackers have claimed that before the social media site went down they were able to get hold of information that includes users’ messages, locations and even in some cases their driving licences.

A self-proclaimed hacker from Austria, known as ‘Donk Enby’ on Twitter, claimed to have access to all of the ‘unprocessed, raw’ video files uploaded to Parler ‘with all associated metadata.’

‘A group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user.

‘This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.’

‘Well, because of that access, it gave them access to the behind the login box API that is used to deliver content — ALL CONTENT (parleys, video, images, user profiles, user information, etc) –. But what it also did was revealed which USERS had “Administration” rights, “Moderation” rights.’

BlueMountainDace then goes on to outline that the attackers were able to zero-in on admin accounts and find content uploaded by those users. In some cases, it included verified users of Parler that had uploaded images of their driver’s licence (and all the personal information contained on it) as proof of identity.

‘Also, a lot of posts were deleted by Parler members after the riots on the 6th. Turned out… Parler didn’t actually delete anything.. just set a bit as deleted,’ the poster goes on to say.

‘Guess what has access to all “deleted” content? Administrator accounts.’

Parler has been revealed as the online space where the US Capitol riots were planned.

And, as such, this kind of information (if it were made public, which is what the hackers say they will do) would likely help US authorities track down perpetrators who used Parler to communicate.

Online speech experts expect social media companies led by Facebook, Twitter and Google’s YouTube to more vigorously police hate speech and incitement in the wake of the Capitol rebellion, as Western democracies led by Nazism-haunted Germany already do.

Source: Read Full Article