A mysterious hacker has published today a database dump of one of the internet’s most infamous neo-nazi meeting places — the IronMarch forum.
The data published today includes a full copy of its content, including sensitive details such as emails, IP addresses, usernames, and private messages.
The database dump is currently being analyzed by a multitude of entities, including law enforcement, in the hopes of linking forum members to accounts on other sites and potentially exposing their real-world identities.
The drive to unmask forum members comes from the fact that IronMarch, while a little-known site to most internet users, has been the birthplace of two of today’s most extreme far-right neo-nazi movements — the Atomwaffen Division and SIEGE Culture — with the first being accused of orchestrating at least eight murders around the world.
A short history of the IronMarch forum
The IronMarch forum was officially launched in the fall of 2011 and is the creation of Russian national Alexander Slavros.
For most of its lifetime, the forum never became popular and lived in the shadow of other more well-known neo-nazi meeting sites like Stormfront, 4chan, 8chan, and Reddit.
This isolation allowed the forum to “thrive” and take a different direction from the other neo-nazi and white supremacy communities, which received a lot more media attention and were generally more tame in the content they published.
Slowly, through the years, the IronMarch forum developed a culture of advocating violence, murder, and extreme racism, something that other sites wouldn’t generally tolerate.
In 2015, forum members founded the “Atomwaffen Division,” a neo-nazi group that has been recently labeled a terrorist network due to its involvement in multiple murders.
The forum spawned a second extremist group in July 2017, when several IronMarch members created another neo-nazi group with violent tendencies called SIEGE Culture, inspired by the writings of neo-nazi author James Mason.
As the world slowly learned of the forum’s existence through the exploits of its various members, the site went down in November 2017.
At the time, there was no announcement. Some speculated that the site shut down on its own to avoid a law enforcement investigation. Others thought that some foul play was involved.
Today’s dump lends credence to the latter theory that a hack might have been involved, although we may never be 100% sure.
The search for members’ identities begins
While many forum members are very likely to have used a VPN or Tor to access the forum, some analysts looking at the data are hoping they can find clues to users’ identities through the emails they used to register, the nickname they chose on the site, and the forum posts and private messages they’ve sent each other.
This search will take extensive data mining and a deep analysis of the released information; however, many are willing to put in the work, hoping to track down some of society’s most dangerous sociopaths.
Slowly but surely, such details are have begun showing up already. According to a list of email domains used to register accounts on the forum, some analysts have spotted at least one email address registered to a Long Island-based community college (sunysuffolk.edu), which narrows down the search for that particular member from tens of millions of possibilities to only a few thousand.
And, then there’s this…