Parler suffers data leak before being taken offline
Hackers could combine leaked data with phishing emails to exploit users
Parler, the right-wing social media platform used in the recent insurrection at the Capitol, has been hit by a massive data-scrape campaign, resulting in 70TB of leaked data.
According to a blog post by cyber security firm KnowBe4, hackers could use this leaked data, which included user profile data, admin rights data, videos, and live and deleted posts, to mount various nefarious campaigns aimed at Parler users.
“We anticipate that bad actors will fill the gap by launching phishing campaigns that offer users bogus web sites with fake, malicious Parler downloads or even malware-infected versions of Parler. They may also set up fake web sites and push malicious online advertising to do the same,” said Eric Howes, principal lab researcher at KnowBe4.
Before Parler went offline but after the website was no longer able to use phone or email verification, Twitter user @donk_enby collected 70TB of posts, messages, and videos. This is around 99.9% of all content ever posted to the site.
The breach was possible because the “forgot password” link that would normally require verification was no longer working. Anyone could then override this to log in to accounts that weren’t theirs. Once in, they could log in to accounts with administrator access and create new accounts, also with administrator access. Hackers used these accounts to dump data from the website.
Howes added that Parler-themed phishing emails could take at least two forms. First, spoofed Parler emails offering alternative download/install links. And second, fake right-wing/conservative emails denouncing Google and Apple’s actions and offering alternative download/install links.
“This massive haul of leaked data could allow malicious actors to individually target Parler users in spear phishing campaigns as well as all manner of online scams,” Howes warned.
Howes said his company had developed a handful of simulated phishing emails to be used by customers to test their staff.
“In addition to using these new templates to phish your users, it would also be a good idea to alert your employees and users to the danger that they could be encountering phishing emails as well as fake web sites and deceptive online advertising offering them alternative download sources for Parler that, in reality, will be pushing malware instead,” he said.