Click here to read our latest report: Going Dark: The Inverse Relationship between Online and On-the-Ground Pre-offence Behaviours in Targeted Attackers

The Midgård Leak: Exposing The Global Business Of The Far Right 

The Midgård Leak: Exposing The Global Business Of The Far Right 
18th January 2024 Peter Smith
In Insights

Introduction

On 4 December 2023, a new website by a group of Stockholm-based antifascist activists went live. Serving the single purpose of hosting a searchable database of approximately 20,000 individual translations from Midgård,  a decades-old online store selling rare and hard-to-find albums from the white power music scene, it offered a glimpse through a normally shuttered window into the business world of white supremacy. 

Unlike several other banal and well-meaning web stores selling pagan and Nordic-inspired merchandise using the name Midgård, this vendor is explicit in its appeal to National Socialist, neo-Nazi, and other far-right movements. Banners appearing on the front page read “Keep It White,” advertise for the “European Brotherhood” and promote brands like “Fasci Nation.” Products featured on the site include images of Adolf Hitler with his face and swastika on the flag behind him covered, likely to comply with some countries’ bans on the symbols, albums featuring sieg hailing skinheads, and symbols and bands aligned with US and European white supremacy.     

This Insight will examine the dedicated work that exposed Midgård’s customer list,  parsing the value of these types of leaks to the tech industry and social platforms actively seeking to curtail the far-right online.

What Is Midgård?

Midgård is a clearing house for those looking for books, albums and T-shirts. The bands featured are from genres exclusively or closely married to hate movements, including Rock Against Communism (RAC) and National Socialist Black Metal (NSBM). Pressings of albums from bands like the UK’s Screwdriver, whose singer, Ian Stuart Donaldson, founded the racist skinhead group Blood and Honor; Max Resist from the United States, connected to the Hammerskin Nation; and Der Stürmer from Greece, who is one of the longest standing NSBM bands still on the scene. 

The site is more than a repository of baseless conspiracy theories and racial science; it is a place where authors and artists creating these works can find a home for products most stores cannot or refuse to sell. Books include multiple language translations of Mein Kampf, promote Holocaust denial, and other titles by prominent authors and figures like David Duke, Julias Evola, Richard Harwood, and more.

The trove of Midgård customer data leaked spans from 2017 to 2022. The website housing the information and an X (formerly Twitter) account credit Anti-Fascist Action Stockholm (AFA Stockholm), a collective of activists opposing far-right organising in the country. Exactly how the customer data was obtained has not been made clear, though past intrusions by the same collective have been blamed on hacks.

Inside The Neo-Nazi Music Scene

The Nordic Resistance Movement (NRM) is a Swedish far-right group founded in an amalgam of three previous neo-Nazi groups. With membership across Sweden, Norway, Denmark, Iceland      and Finland, the group was banned by Finnish authorities in 2020 after the Supreme Court ruled that NRM sought to create a “national socialist state” that was “contrary to the Finnish constitution,” with “racist, anti-immigrant, antisemitic and restrictive of the rights of sexual minorities.” Estimated to have approximately 200 members, NRM aims primarily to create a white pan-Nordic block. Several of their street-level activists and leaders have histories of violence along with criminal records. 

According to the website’s ‘About Me’ section, Midgård is alleged to have begun as a brick-and-mortar record store intended to sell white power music, though details about the store’s location are not given. The business eventually took to selling items over mail order as they claimed that “Reds and patriots” would travel to vandalise the storefront. Midgård’s online autobiography reports developing its international clientele during this time, eventually transitioning from paper catalogues to a digital site sometime in 1998.

“We deliver products to nationalists all around the world, and we are one of the biggest names in our niche,” the website reads. Midgård also runs a record company by the same name, producing original records from other white power bands and artists. 

Based in Alingsås, Sweden, under publisher Ringhorne AB, AFA Stockholm says the company is run by two members of the NRM, Martin Flennfors and Martin Engelin, the latter continuing to be one of its more prominent members. Flennfors, who was reported by the anti-fascist magazine Expo to be a “former board member” of Ringhorne AB, was convicted of ten counts of incitement against an ethnic group for products that were sold on Midgård’s site. In 2021, Flennfors continued his digital ventures with an alternative music streaming service called ‘Liberplay’ based in Estonia. Expo reported that NRM’s private chats referred to the service as “Midgård Spotify” as it featured a wide selection of white power music. 

Latest In Long Line Of Web Leaks

The company has not made any public statements regarding the data leak on its website, social media, or Telegram channel. Far from the first release of hacked data mined from a neo-Nazi website, this is not even the first time AFA Stockholm has released customer data from Midgård, as the website fell victim to a similar leak in 2017. AFA Stockholm also released customer information from NRM’s since-defunct store, Kampboden, in 2016; the White United Shop, a far-right web store run by an NRM member, in 2020; and NRM’s official store ‘Greenpilled’ in August 2023. NRM released a statement to Greenpilled blaming “Russian or Ukrainian perpetrators” for the intrusion, though did not explain the reason for this claim. They accused the anti-fascist activists of purchasing the information, adding that only a small amount of the Greenpilled customer list was revealed. The site remains accessible, though only a note reading “under maintenance” appears. 

In the Midgård leak, the full names of the customers, emails, addresses, phone numbers, and the purchases of each transaction are laid bare and publicly accessible. Individuals with an explanation for their name appearing on the list or were added in error are directed to an email address to request removal.

Since the information was published, activists and journalists have poured over the contents, finding known members of established hate groups. Dozens of individuals have been identified as having links to not just the NRM, but groups like the Vinland Hammerskins, Aryan Guard, NSC-131, as well as people alleged to be working in law enforcement and a former US town major. 

The customer information shows 408 purchases were made to addresses in Canada, though research by the Canadian Anti-Hate Network found that 79 unique individuals appear to have placed the orders. A total of 1,459 purchases were addressed in the United States, which received the third most orders. The vast majority of sales were made within the European Union, with 7,161 individual orders placed in Sweden — the website containing the leak estimates that of the totals from Sweden, 2,500 are unique individuals — 3,415 going to Germany, and 1,448 in the United Kingdom, the first, second, and fourth most orders on the list respectively. Many of these  were made by individuals placing multiple orders over time. 

“We want the register to be a resource for anyone who wants to investigate and attack the Nazi movement,” AFA Stockholm captions the leak. “With this publication, we want to show that one can never be anonymous when choosing to support the Nazi movement. We will always find you! It’s only a matter of time.”

The Utility of Hacktivism

The leak offers insights into how far-right movements and individuals raise funds internationally and organise their online presence. The sales of white power music have long been acknowledged as a tool for financing and supporting members of far-right movements. The associated live concerts, sometimes boasting bands and fans travelling internationally to take part, also serve as a vector for networking and recruitment. Stores like Midgård help keep the scene alive.

Data breaches like this not only show the vulnerability of user data to motivated individuals or groups but also the potential consequences of what happens when private purchases are made public. Significant insights have been gained in the past from leaks of neo-Nazi websites about organising and the promotion of online groups, including data obtained by AFA Stockholm in the past, as well as uncredited breaches like the one that exposed the Iron March forum in 2019. 

When Greenpilled customer data was published online in 2023, the activists responsible also claimed to have discovered the identity of previously unknown members of NRM managing the group’s online forums and websites. Having suffered several breaches since 2014, NRM, in particular, seems unwilling or unable to successfully adapt and secure its online spaces from intrusion. This leaves private or obscured information about their organization vulnerable to motivated activists. 

Leaks that are launched publically and receive attention from mainstream publications covering the actions of and against the far-right can bring prominent but still obscure websites to light. The leak also shows the importance of security by researchers and activists when attempting to obtain primary source materials. Several entries in the initial release of information appear to have been linked to educational institutions and may have been ordered for research purposes. Institutions and individuals engaged in this type of research require strict security protocols designed to protect their personal information.

Moderation of sharing and crosslinking on popular social media platforms already blocks some of the worst examples of far-right and racist content. Several web hosts and platforms took action against sites like the Daily Stormer in the wake of the deadly 2017 ‘Unite The Right’ rally in Charlottesville. It is unrealistic to expect platforms to be aware of every website selling neo-Nazi merchandise on the internet, just as every store that may sell similar items may or may not be aware that its wares belong to brands or sellers intending to support the far-right. A list of products that white nationalists paid a premium to acquire can be carried towards refining better tools for content moderation, especially as many bands in these genres use obscured lyrics to hide their message. Social media platforms need to use this data to strengthen the implementation of policies designed to counter hate speech, just as those that facilitate e-commerce can use the same information to keep the far-right from profiting. 

Peter Smith is an investigative journalist, photographer and researcher focused on violent and extremist movements across the globe. He has written for the Canadian Anti-Hate Network, Militant Wire, the Jamestown Foundation, the Accelerationism Research Consortium, and more. Twitter/X: www.twitter.com/MisterEpet