Hackers Access and Post Parler User Data

Hackers have allegedly stolen user data from Parler before it was taken down due to an API vulnerability.

Hackers have allegedly stolen user data from Parler before it was taken down due to an API vulnerability.

According to Redditor BlueMountainDace, after Parler vendors stopped providing service, the backend no longer required password resets.

“So a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account,” explained BlueMountainDace.

After the hackers uncovered the exploit, they compromised an admin account created thousands of dummy accounts before creating a  docker container called warrior and distributed the download.

Some data including parleys, video, images, user profiles, user information are now allegedly in the hands of hackers and private individuals including some posts relating to the Capitol which were only marked as deleted.

Most of the compromising data dumps were posted on donk.sh by the hackers. 

The text files in the dumps contained links to posts and photos relating to the Capitol insurrection which were archived using Wget-AT.


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.