Internet activists, according to a post on Reddit about 70 TByte Data of the social media platform Parler, which was popular especially among right-wing extremists and right-wing radicals, was stolen. This was possible because the company Twilio inadvertently disclosed in a press release which cloud services Parler uses to operate.
The hackers thus learned that they did not need to bypass mail confirmation or two-factor authentication to download Parler's user information, but that the pictures, videos and texts can be called via a public AOU of the service.
The hackers also managed to reset the password of an administrator account. Twilio is said not to have requested the old password in the process. The hackers then used the hijacked admin account to set up millions of other accounts with administrator rights. This allowed more people to help "secure" the data.
Coordinated download of user data
To speed up the data download, the hackers created a Docker image that could be downloaded and launched by additional people. The image contained software that coordinated and automatically downloaded data from the Parler servers. This data was then stored with various cloud hosts for archiving.
According to the hackers, the data will be used, among other things, by law enforcement agencies to initiate investigations against users. The "Verified Citizen" status, which users could obtain from Parler by uploading the front and back of their driver's license, is helpful here. These images were also stolen when the platform was hacked and can identify many users.
Parler did not actually delete data
It also plays into the hackers' hands that Parler does not actually delete data deleted by users, but only moves it to an archive. Before the storm on the capital on January 6, 2021, many users "deleted" critical posts. However, with the administrator accounts, this content could still be downloaded by the hacker.
In the meantime, American right-wing extremists have also confirmed the incident and stated that affected users of the platform no longer have any way to protect themselves from the leak of their data.
Parler ceased operations on January 11, 2021. However, this is not due to the successful hack, but because Amazon has switched off the hosting. The operators have not yet been able to find a new hoster.
