Parler Hacked As Attackers Claim Access To Messages, Locations, And Raw Videos

Far-right social media platform Parler has allegedly been hacked (Picture: Getty)
Far-right social media platform Parler has allegedly been hacked (Picture: Getty)

Hackers are claiming they have gained access to vast amounts of data from Parler, the far-right social media platform, before it was taken down.

Over the weekend, the Parler app was blocked from both the Android and iOS app stores.

This was followed by the company losing its website after Amazon stopped supporting it on its AWS cloud platform.

But attackers have claimed that before the social media site went down they were able to get hold of information that includes users’ messages, locations and even in some cases their driving licences.

A self-proclaimed hacker from Austria, known as ‘Donk Enby’ on Twitter, claimed to have access to all of the ‘unprocessed, raw’ video files uploaded to Parler ‘with all associated metadata.’

Another user on Reddit, known as BlueMountainDace, explained how the hack had been accomplished.

Advertisement

Advertisement

‘A group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user.

‘This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.’

‘Well, because of that access, it gave them access to the behind the login box API that is used to deliver content — ALL CONTENT (parleys, video, images, user profiles, user information, etc) –. But what it also did was revealed which USERS had “Administration” rights, “Moderation” rights.’

BlueMountainDace then goes on to outline that the attackers were able to zero-in on admin accounts and find content uploaded by those users. In some cases, it included verified users of Parler that had uploaded images of their driver’s licence (and all the personal information contained on it) as proof of identity.

‘Also, a lot of posts were deleted by Parler members after the riots on the 6th. Turned out… Parler didn’t actually delete anything.. just set a bit as deleted,’ the poster goes on to say.

‘Guess what has access to all “deleted” content? Administrator accounts.’

Twilio, meanwhile, has gone on the record to say it had no involvement in Parler’s compromise.

‘With regards to reports of cyber security issues Parler experienced and have been attributed to Twilio, our security team investigated the claims and found no evidence indicating their security issues were related to Twilio or our products,’ Twilio said in a statement provided to Metro.co.uk.

‘Per our website, Twilio has not issued any press releases pertaining to or referencing Parler. Furthermore, Parler was using Twilio to send out identity verification codes for new downloads or password resets.

‘Once a user was verified, security protocols were independently handled by Parler and did not involve Twilio or its products. On Friday, January 8th, we sent Parler a letter informing them they were in violation of our Acceptable Use Policy and notifying them that we would suspend their account if they did not make efforts to remediate multiple calls for violence on their platform.

Advertisement

Advertisement

‘Shortly after receiving our letter, Parler informed us they had already turned off their integration with Twilio. Any cyber security issues experienced by Parler were completely unrelated to Twilio or any of its products.’

Parler has landed in the headlines this week as it has has been revealed as the online space where the US Capitol riots were planned.

And, as such, the information obtained by the hackers (if it were made public, which is what they say they will do) would likely help US authorities track down perpetrators who used Parler to communicate.

Parler has become a hive of far-right commentary following the US election in November (AFP via Getty Images)

Parler calls itself the ‘world’s town square’ and has been around since 2018.

It holds itself up as a platform for free speech but has become a place for ultra-conservative users who fled Twitter amid claims of censorship and political bias.

Parler CEO John Matze complained on his site of being scapegoated.

‘Standards not applied to Twitter, Facebook or even Apple themselves, apply to Parler,’ he said, adding he would not ‘cave to politically motivated companies and those authoritarians who hate free speech’.

There is huge speculation that Donald Trump could soon join Parler after his access to Facebook and Twitter was revoked.

Online speech experts expect social media companies led by Facebook, Twitter and Google’s YouTube to more vigorously police hate speech and incitement in the wake of the Capitol rebellion, as Western democracies led by Nazism-haunted Germany already do.

MORE : What is Signal? The private messaging app is booming after WhatsApp exodus

MORE : What is Parler? Far-right ‘free speech’ app blocked by Google, Apple and Amazon

Advertisement

Advertisement

READ MORE HERE