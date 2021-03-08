https://noqreport.com/2021/03/08/gab-ceo-andrew-torba-responds-to-hack-it-was-not-a-new-attack/

Social network Gab was down today following what they believed was a new attack. It was revealed that this was a continuation of an old attack that took place last week as OAuth2 tokens were reused to get into several accounts. The site was immediately shut down but is now back online.

CEO Andrew Torba posted an update explaining what happened and why there is no need for users to reset their passwords.

The attacker who stole data from Gab harvested OAuth2 bearer tokens during their initial attack. Though their ability to harvest new tokens was patched, we did not clear all tokens related to the original attack. By reusing these old tokens, the attacker was able to post 177 statuses in an 8-minute period today. We have not independently verified the information that the hacker posted is authentic.

Gab immediately took the site offline, suspecting this was a new attack. We have been able to confirm it was not a new attack, have cleared all compromised tokens, and are requiring users to log in again. As this is not a new attack and no new data has been compromised, there is no need to change your password or take any other action.

We apologize for the inconvenience, and are very confident this will not happen again.

Gab has seen rapid growth in recent weeks as Big Tech competitors like Facebook and Twitter continue to “purge” conservative accounts and censor what can be said on their platforms. Our EIC posted a list of seven topics that cannot be discussed on Big Tech platforms. Gab prides itself as the only true free-speech platform, and while they do limit anything that is considered illegal, they generally allow perspectives to be delivered without being blocked.

Their main competitor in the burgeoning free-speech-social arena is Parler, which suffered from a Big Tech cancellation shortly after the Big Tech purge began. They were removed from the Apple Store, Android App Store, and their web host at Amazon Web Services. As a result, the site was down for over a month. Gab has remained online throughout other than the two hack attempts which briefly took the site offline.

Free speech online is precarious as censors move to limit what can and cannot be said. But the rise of hackers targeting these sites makes it doubly challenging. We hope Gab can remain secure and continue to be a home for the technologically oppressed.

