Code Hacking
  • The “IronMarch” forum shut down two years ago, but a revealing backup just appeared online.
  • Investigators, journalists, and law enforcement authorities are currently trying to figure out who is who.
  • The number of exposed members is 3,548 – so there’s a considerable investigative effort to take place now.

ZDNet reports that a mysterious hacker has published a database dump belonging to the “IronMarch” forum, a popular neo-nazi internet platform that went offline in November 2017. Two years after that, the entire SQL database was published by “antifa-data” on archive.org with scripts to convert the tables into CSV files. According to the “ReadMe” file that is contained in the dump, the data is part of a backup of the forum. The link to this backup was originally posted to Fascist Forge, the successor of the IronMarch, but it was quickly removed.

The info that is contained includes user names, emails, IP addresses, private messages, public comments, and media such as images. Even forum administration data such as the logs, or the users’ two-factor authentication settings are also present. This is a goldmine for the law enforcement authorities, who are currently reviewing it. Remember, IronMarch wasn’t just an opinion exchange platform, but an incubator of hate and violence. This is where fascist groups such as the Antipodean Resistance and the Atomwaffen Division were created. These groups have been involved in actual terrorist attacks in the US and Australia, so one cannot ignore or downplay the value of this dump.

Many of the forum members were most probably using the Tor or a VPN solution, so the IP addresses may not be very useful in finding out the real identities, but still, email addresses could be revealing. In the case of Jacob Oakley, a Republican candidate for Oklahoma, it was.

More are bound to be identified in this database in the following days, weeks, or even months, as the whole process will require a significant investigative effort. Thankfully, many are willing to put in the effort and the dump is publicly available, so any white supremacists involved are destined to abstain from relaxing night sleep in the following period. Already, there’s a Google Drive document that is openly shared for commenting, and where journalists and investigators can discuss on the leads they have and gradually reach into safe conclusions.

ironmarch-admin-log
Source: ZDNet

Right now, people have 3,548 registered forum accounts to work with, accompanied by their full activity like private chats and public content. Judging from the last user’s registration date, the backup was a snapshot of the last day that the forum was operational. That said, it was created by the admins with the purpose to migrate the whole thing elsewhere in the future.

Will you be participating in the “open investigation” to identify IronMarch members? Let us know in the comments section down below, or on our socials, on Facebook and Twitter.