Was the Parler social network hacked? No, there is no evidence for that. The original news came from a now-deleted tweet by a conceptual artist known for high-tech art projects. A configuration file that was supposedly part of the hack has been online for several months. No hacked data has appeared online so far, and the CEO of Parler has denied any hack took place.
The claim appeared first in a tweet published by conceptual artist Kevin Abosch (@kevinabosch) on November 24, 2020 (archived here) which read:
"I've seen what looks like legit proof of 5000 compromised Parler accounts including DM's of some well-known figures. Hackers decompiled the app, zero day exploit etc.. I wish I could unsee what I've seen."
This is what the post looked like on Twitter:
(Source: screenshot from archive.is)
Other users on Twitter and 4chan (archived here) pointed towards an archived WordPress configuration file available on archive.is that was supposedly part of the "hack". However, examination of that archived copy suggests it has been online since at least July 17, 2020:
The link where the file was supposedly found does not work anymore, suggesting whatever issue was causing it to be online has been fixed.
The file itself appears to be a configuration file for a WordPress installation. WordPress is a content management system for websites, and from domain names found in the file it looks like the installation in question was used to manage the pages at home.parler.com (but probably not the system with the actual content from Parler's users). It also referenced the IP address 34.74.112.189, which has indeed been the address associated with home.parler.com according to records we verified.
The website archive.is allows anyone to make a snapshot of the state of any webpage at a given point in time, allowing them to prove later what the page looked like at that point in time.
Also of note: an unsecured configuration file with passwords left online is definitely not the same as "decompiling an app" and using a "zero-day exploit", as the initial tweet claimed. Decompiling involves reconstructing source code from the compiled binary of an app or program, and a zero-day exploit is hacker jargon for a security vulnerability that is very new and not yet widely known.
In a statement (archived here) John Matze, CEO and founder of Parler, denied that they used WordPress at all and stated all the hacking allegations were false:
The alleged "Parler hack" is a screenshot from a WordPress website that has been circulated repeatedly over the past 6 months, despite Parler's multiple responses that we do not use WordPress products, nor WordPress databases. All of our databases are hidden behind multiple layers of security and are not accessible via the web. This is an irresponsible rumor which uses a "techie" looking WordPress config file which is only capable of confusing a journalistic hack, not an actual hacker. If Twitter continues to fact check others, they should also fact check posts such as these that spread viral misinformation.
Furthermore, we don't store any personal data, user verification data is deleted on completion, and direct messages cannot send videos/images. All allegations are fake. They are just obsessed with us.
However, the archive.is service only takes snapshots of pages that are actually online, so this is no mere "screenshot" that confuses "journalistic hacks". In addition to archive.is, the page was also archived on July 17, 2020 by the Internet Archive here. Being somewhat of a "techie" myself, the evidence points to this file being live on home.parler.com/1 at least for a short period of time in July 2020. No explanation was offered why that file would be there, and that is indeed confusing.
But that does not mean Parler was hacked in November. There is no evidence for that: none of the supposedly hacked data has appeared online as far as we could determine and the tweet from the artist initially making the allegation has been deleted. He describes himself on his website as follows:
Kevin Abosch (born 1969) is an Irish conceptual artist known for his works in photography, sculpture, installation, AI, blockchain and film. Abosch's work addresses the nature of identity and value by posing ontological questions and responding to sociologic dilemmas. Abosch's work has been exhibited throughout the world, often in civic spaces, including The Hermitage Museum, St Petersburg, The National Museum of China, The National Gallery of Ireland, Jeu de Paume (Paris), The Irish Museum of Modern Art, The Museum of Contemporary Art Vojvodina, The Bogotá Museum of Modern Art, ZKM (Zentrum für Kunst und Medien) and Dublin Airport.
He has been known to produce art involving tweets and (possibly deleted) tweets, for example in this thread:
2/ The timestamp of my reply to this tweet shall serve as the cutoff for anyone wishing to acquire this free work. I have no idea how long Twitter will exist, so I'm not certain how long a collector will be able to prove they are an owner of this work.
-- Kevin Abosch (@kevinabosch) November 13, 2020
We have reached out to Mr. Abosch for comment and will update this story when we hear back from him.