404 Media

2025-10-09 15:26:05

The Discord Hack is Every User’s Worst Nightmare

A catastrophic breach has impacted Discord user data including selfies and identity documents uploaded as part of the app’s verification process, email addresses, phone numbers, approximately where the user lives, and much more.

The hack, carried out by a group that is attempting to extort Discord, shows in stark terms the risk of tech companies collecting users’ identity documents, and specifically in the context of verifying their age. Discord started asking users in the UK, for example, to upload a selfie with their ID as part of the country’s age verification law recently.

💡
Do you know anything else about this breach? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“This is about to get really ugly,” the hackers wrote in a Telegram channel, which 404 Media joined, while posting user data on Wednesday. A source with knowledge of the breach confirmed to 404 Media that the data is legitimate. 404 Media granted the source anonymity to speak candidly about a sensitive incident.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

The Discord Hack is Every User’s Worst Nightmare

^{Joseph Cox (404 Media)}

404 Media

2025-10-09 14:33:06

Help Us Investigate Book Bans and Educational Censorship Around America

Over the last few years, some of our more meaningful (and unfortunately bleakest) reporting has been on the many ways in which the right wing has systematically targeted libraries, schools, authors, and educators over the things they teach, specifically with regard to the teaching of systemic racism, LGBTQ+ issues, science, and sex education. These targeting efforts have led to a widespread, highly successful effort to ban books, restrict curricula, harass and oust teachers and librarians, and broadly censor the educational system. This movement has leveraged these successes to seize power not just in city councils and local school boards but has succeeded in making censorship and “anti wokeness” one of the dominant political ideologies in the United States.

We have successfully gained access to public records that show, for example, how a local group in Idaho successfully got a police officer to go hunting for “obscene” books at the public library, the playbook behind getting "Drag Storytime" library events canceled, how superintendents in Florida couldn’t figure out how to comply with the state’s “Don’t Say Gay” law, and have spoken to numerous librarians, scientists, and professors to learn how educational freedom, free access to information, and historic archives are under attack. Today—which happens to be the fourth day of Banned Books Week—we are proud and excited to announce that we will be continuing and ramping up this work over the next year with the help of a grant from our friends and colleagues at government transparency nonprofit Muckrock, with support from the Filecoin Foundation for the Decentralized Web. (We’re also excited to partner with Muckrock on this new piece of limited edition merch it made for Banned Books week).

From our proposal: “Book banning and educational censorship (the banning of LGBTQIA+ studies, the study of slavery and systemic racism, the war on “DEI” and trans people) has become a political cudgel and core rallying point for the current administration. These bans have been pushed through by organized groups such as Moms for Liberty and high-profile politicians, and impact the daily lives, careers, and future prospects of students, their families, and teachers, while simultaneously managing to become a core part of the culture war. These documents about censorship are themselves difficult to obtain and are at risk of being memory holed and forgotten about without a systematic effort to obtain, publish, and archive them. This project will show how censorship works and will shed light on the sheer scale of these censorship efforts, at a time when public trust in the government is at an all-time low.”

Over the next few weeks, we will be filing hundreds of public records requests with state, local, and federal governments and school districts with the hope of unearthing more information about the groups, politicians, and monied interests that have been pushing book bans and educational censorship on American public schools and libraries. As we get these documents back over the course of the next few months, we will be making them available to the public through Document Cloud, with the hopes of creating an enduring archive of public records about educational censorship in the United States. We will also, of course, be reporting on the documents we get back and will be turning them into articles that you can read on 404 Media.

As always, we will need some help from our readers. We need help deciding what to look for, which school districts and cities to seek public records from, and need leads on where we should point our reporting efforts. During the height of the pandemic, many city councils made their meeting minutes and meeting transcripts searchable, so we have a good sense of the types of organizations and communities that have been most severely affected by educational censorship and book bans, and have a good idea of where to get started. But if you are a librarian, teacher, educator, parent, local politician, or activist who is aware of systemic efforts to ban books, censor curricula, defund libraries, or otherwise attack educational freedom, please let us know by emailing jason@[url=https://web.brid.gy/404media.co]404 Media[/url] or by reaching out to Jason securely over Signal at jason.404. And if you want to further support this work, you can do so by becoming a paid subscriber or by donating to our tip jar.

Tip Jar

^{Jason Koebler (404 Media)}

404 Media

2025-10-03 02:19:17

ICEBlock Owner After Apple Removes App: ‘We Are Determined to Fight This’

The developer of ICEBlock, an app that lets people crowdsource sightings of ICE officials, has said he is determined to fight back after Apple removed the app from its App Store on Thursday. The removal came after pressure from Department of Justice officials acting at the direction of Attorney General Pam Bondi, according to Fox which first reported the removal. Apple told 404 Media it has removed other similar apps too.

“I am incredibly disappointed by Apple's actions today. Capitulating to an authoritarian regime is never the right move,” Joshua Aaron told 404 Media. “ICEBlock is no different from crowd sourcing speed traps, which every notable mapping application, including Apple's own Maps app, implements as part of its core services. This is protected speech under the first amendment of the United States Constitution.”

💡
Do you know anything else about this removal? Do you work at Apple or ICE? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICEBlock Owner After Apple Removes App: ‘We Are Determined to Fight This’

Apple removed ICEBlock reportedly after direct pressure from Department of Justice officials. “I am incredibly disappointed by Apple's actions today. Capitulating to an authoritarian regime is never the right move,” the developer said.

^{Joseph Cox (404 Media)}

404 Media

2025-10-01 13:00:43

Podcast: Landlords Demand Your Workplace Logins to Scrape Paystubs

We start this week with Joseph’s article about landlords and income verification companies demanding login details from potential renters so the companies can log in and scrape their paystubs. That has some potential legal issues for everyone involved! After the break, 18 lawyers tell us why they used AI. In the subscribers-only section, Emanuel breaks down the massive drama around Ruby.
playlist.megaphone.fm?e=TBIEA4…
Listen to the weekly podcast on Apple Podcasts,Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.
youtube.com/embed/KtvSBb6rtHE?…

• Landlords Demand Tenants’ Workplace Logins to Scrape Their Paystubs
• 18 Lawyers Caught Using AI Explain Why They Did It
• How Ruby Went Off the Rails

The 404 Media Podcast

Tech News Podcast · Updated Weekly · Welcome to the podcast from 404 Media where Joseph, Sam, Emanuel, and Jason catch you up on the stories we published this week. 404 Media is a journalist-owned digital media company exploring the way …

^{Apple Podcasts}

404 Media

2025-09-26 15:25:00

Behind the Blog: Behind 404 Media's ICE Lawsuit

This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss being journalism dorks, our new lawsuit against ICE, and working on bullshit.

JASON: I’m writing this from sunny Athens, Greece, where I’ve been invited to talk about 404 Media at the IMEDD International Journalism Forum, an annual conference. Over the years, I haven’t been to too many conferences, because honestly it was always too disruptive to the day-to-day journalism and work of managing a team to be able to get away. We’re more than two years into this, but one of the nice things about having this company is that I can mostly get my work done whenever makes sense for me, whether that’s late at night in Los Angeles or early in the morning in Greece.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Behind the Blog: Behind 404 Media's ICE Lawsuit

^{Samantha Cole (404 Media)}

404 Media

2025-09-25 16:29:37

The SIM Farm Hardware Seized by the Secret Service Is Also Popular With Ticket Scalpers

Subscribe

Join the newsletter to get the latest updates.

Success

Great! Check your inbox and click the link.

Error

Please enter a valid email address.

Tuesday, the Secret Service said it “dismantled a network” of “300 co-located SIM servers and 100,000 SIM cards across multiple sites.” The Secret Service suggested that this network posed a threat to the United Nations General Assembly meeting, which was “within 35 miles” of the servers and which it said could have been used to “disable cell phone towers.” The story quickly went viral, with the New York Times and CNN’s reports being widely shared and discussed.

CNN reported that the SIM servers were used in swatting calls against members of Congress, and the New York Times quoted an expert who said that they believed the servers could be used for espionage. As security researcher Robert Graham points out in a post called “That Secret Service SIM farm story is bogus—it’s just normal crime,” the Secret Service has not yet released any actual evidence of what the SIM servers were used for and it is unclear how such a setup could be used for “espionage.” Graham notes that, based on photos released by the Secret Service and its description of the operations, claims that such a network could have only been created by a sophisticated nation state actor are particularly ridiculous: “I can pull this off, personally. It’s just a SIM farm. Sure, there’s some capital involved, on the order of $1 million, but it could be setup and managed by a single person. It likely wasn’t setup all at once with that much money, but has been slowly growing for years as profits are funneled back into setting up more SIM accounts,” he wrote.

The discovery of a bunch of SIM banks (also called SIM farms, SMS gateways, and several other things) anywhere is interesting from a spam / cybercrime perspective, and they give a type of cyberpunk visual that, frankly, is extremely my shit. But the breathless way this bust has been announced—with a special video announcement by Secret Service director Sean Curran and a clearly embargoed rollout with the New York Times and CNN, makes these SIM farms seem as though they are particularly special and high tech, when they clearly are not. The technology used, which can be seen clearly in photos released by the Secret Service, are regularly used by SMS scammers, spammers, and marketers, yes, but the tech is also extremely widely used by ticket scalpers seeking to create lots of Ticketmaster accounts with which to buy tickets. This is off-the-shelf technology that anyone can buy and use; if one had enough money, one could surely buy 300 of them from Ejointech, the Chinese company that makes them, and set something like this up.

I have been familiar with and meaning to write about SIM banks for a few months now, specifically because they have become popular with ticket scalpers. Like many “anti-scalping” and anti-fraud measures taken by Ticketmaster, relatively recent updates that require SMS verification to create a new Ticketmaster account and immediately before buying tickets hasn’t actually stopped scalping. Instead, it has created a new underground market for tools that make SMS authentication at bulk easier. By adding this barrier to entry, Ticketmaster has ensured that normal fans have one single attempt to buy tickets, while motivated ticket scalpers with specialized tech can have many attempts at buying tickets.

This SMS verification system has created a new underground market for various technologies and software that lets scalpers game this SMS verification system. SIM boxes are such an important part of that new underground market that Ejointech now advertises one of its products—which looks very much like the models shown in the Secret Service’s images from the seized servers in New York—as specifically being good “for ticketing & bulk SMS.”

“Popular model: used by 5,000+ leading ticket brokers globally & trusted for thousands of large-scale SMS campaigns!,” Ejointech advertises on the $3,730 Ejoin 256 SIM 4G LTE SMS Gateway. On TikTok, it advertises a similar, 512 SIM card model as having “human behavior,” “cloud management,” and “auto SIM card switch.”

“Ticket brokers, streamline your Ticketmaster operations with EjoinTech! Our SMS gateway devices support up to 512 SIM cards, ensuring you never miss a verification code,” the company says. “Designed for efficiency with no unnecessary noise.”
youtube.com/embed/BZnrXxt47Qw?…
There is of course no evidence that the SIM boxes seized by the Secret Service this week were used by ticket scalpers, but there’s also no public evidence released by the Secret Service that suggests they were going to try to disrupt the UN General Council’s meeting. The point I’m making is that these devices and these types of farms have become somewhat common in recent years, and they are used not just to send messages in bulk but to receive them in bulk, too. They are used not just for crimes, but for various grey market and controversial, but not necessarily illegal, purposes too.

“Proxies” and real SIM cards that can receive SMS messages have become critical to the ticket scalping industry. The way ticket scalping works now is that big time brokers will create many (hundreds or thousands) of unique Ticketmaster accounts, each associated with their own phone number. These are sometimes made using prepaid or low-cost wireless carriers like MobileX, whose SIM cards appeared in bulk in Secret Service materials.

Not every big time broker is going to want to roll their own SIM bank, so a series of companies have popped up that offer “proxies,” which just means that they are basically a company running and selling access to phone numbers, keeping them online, and forwarding SMS codes directly to the ticket broker buying them. These companies do not advertise what specific hardware they are using to do this, but SIM boxes could easily be used to do this, and the scale of farm that the Secret Service found is not particularly large considering these types of services exist. They go by names like “WiredSMS,” “TextChest,” “Quick-Text,” “SMSPass,” and “Jivetel,” among others. TextChest advertises “industry-leading physical SIM lines, trusted by thousands.” A company called Seat Heroes notes that it is “carrier compliant” and that “while others rely on risky, unauthorized setups, Seat Heroes runs on the first ever Tier 1 carrier-integrated infrastructure—no modems, no VOIP, just proprietary and exclusive access to genuine numbers—always on, 24/7” and “no SIM banks—just direct connections.”

In practice, ticket brokers connect their proxies—either bought from a third party or rolled by themselves—to other bespoke ticketing-buying software that helps them actually manage tons of Ticketmaster accounts and tons of phone numbers at once. There are a host of ticket broker-specific internet browsers that allow brokers to open hundreds or thousands of browser tabs, which each have a browsing session tied to either a specific SIM card or to an IP proxy which can also be bought from third-party services. This allows brokers to power through Ticketmaster’s “Virtual Waiting Rooms” because a broker can have hundreds or thousands of independent browser sessions waiting as separate “people.” The SIM box (or a SIM proxy service) can then be set up in these bespoke browsers to automatically forward and submit Ticketmaster’s SMS two-factor authentication, which is supposedly designed to prevent scalpers from getting tickets.

At one point, Private Tabs, one of the bespoke browsers for ticket scalpers, was advertising a “SIMBOX HARDWARE ADD-ON,” which could “add 512 phone numbers for $3 per line.”

“These hardware devices allow you to add 512 phone numbers to your Private Tabs account,” an archived version of the Private Tabs website reads. “If you already have one, then you can just add it to the config or call us, and we’ll set it up for ya. This ensures that every account you load in has its dedicated number. Rather than paying $9 to $24 per phone number, you can purchase one of these devices and get a phone line for as little as $3 per number. Typically, they pay for themselves within 2 months since each device can hold 512 numbers. With this device you do not need ‘TextChest’ or ‘Private Tab Phones’ [a proxy service] as you can host your own numbers for half the cost.”

The Private Tabs web browser no longer advertises SIM boxes, and in a FAQ on its current website, it says says people using their own telecom hardware may run into problems: "There have been recent reports as of 9/5/2025 that some people using Chinese hardware is a problem. You may want to contact your phone company before trying to integrate it with the API to confirm it works ok."

Ticketmaster Used Revolving Barcodes to Control Ticket Resale Market and Surveil Customers, DOJ Alleges

"We now not only know the person that bought the ticket, but we’re going to know those three people that you are taking to the show, which we have not known historically."

^{Jason Koebler (404 Media)}