The Internet Archive is under attack, with a popup claiming a ‘catastrophic’ breach - A popup message claims the online archive has suffered “a catastrophic security breach,” as its operators say the site has been DDOS’d for days.

Article
Archive




When visiting The Internet Archive (www.archive.org) on Wednesday afternoon, The Verge was greeted by a pop-up claiming the site had been hacked. After closing the message, the site loaded normally, albeit slowly.

However, as of 5:30PM ET, the popup was gone, but so was the rest of the site, leaving only a placeholder message saying “Internet Archive services are temporarily offline” and directing visitors to the site’s account on X for updates.

Here’s what the popup said:

“Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!”

HIBP refers to Have I Been Pwned?, a website where people can look up whether or not their information has been published in data leaked from cyber attacks. It’s unclear what is happening with the site, but attacks on services like TweetDeck have exploited XSS or cross-site scripting vulnerabilities with similar effects.

Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”

An account on X called SN_Blackmeta said it was behind the attack and implied that another attack was planned for tomorrow. The account also posted about DDoSing the Archive in May, and Scott has previously posted about attacks seemingly aimed at disrupting the Internet Archive.

We’ve reached out to the organization to learn more information.

----

Link to discussion regarding the breach on Hacker News

 

[Toji Suzuhara]

Jason Scott, an archivist and software curator of The Internet Archive, said the site was experiencing a DDoS attack, posting on Mastodon that “According to their twitter, they’re doing it just to do it. Just because they can. No statement, no idea, no demands.”

Should have used KiwiFlare, bucko

 

[reptile baht spaniard rid]

Archive sites are way too dangerous and there’s only a few. They’re all going to be gone within five years.

All of them. Mark my words.

 

[melty]

I wonder what they are trying to hide?

 

[Sithis]

Archive sites are way too dangerous and there’s only a few. They’re all going to be gone within five years.

All of them. Mark my words.

Guess we gotta start printing lolcow threads to PDF with live backups then

 

[Hitman One]

Guess we gotta start printing lolcow threads to PDF with live backups then

There needs to be a lolcow version of the Svalbard global seed bank.

 

[Super-Chevy454]

I wonder what they are trying to hide?

I wondered the same question, could we said it's probably the same kind of hidden skeletons then LFJ and his buddies have in their closet?

 

[Toji Suzuhara]

Something dirty on someone very powerful was archived by these 2 sites. As for what? We'll probably never know.

Damn, where's wikileaks when you need them? Yeah, that's right, imprisioned and dissolved by the powers that be

 

[KosherFarms.net]

In my opinion it looks like IA has a downloading vulnerability and this clout chasing moron is abusing it to take the site down. Probably spamming download requests from a bot net.

 

[Sithis]

Something dirty on someone very powerful was archived by these 2 sites. As for what? We'll probably never know.

Don't most people use archive(.)ph or one of the spinoffs anyway? Unless it's a tweet/X post because their API limitations seem to prevent it from effectively archiving sometimes. So maybe it was some damning tweet? We've seen Taylor Lorenz call in favors for dumber things.

 

[Temperance]

They haven't acknowledged the breach (yet). Just the DDoSing.
https://x.com/internetarchive/with_replies


People in the comments are pointing it out, but there's been no response:
https://x.com/internetarchive/status/1844134181451989331
https://x.com/brewster_kahle/status/1844133492453671192


Here's the person taking credit for the DDoS:
https://x.com/Sn_darkmeta/status/1844080692772401399 [Archive]

 

[HahaYes]

Currently this shows upon navigation to the homepage:

Hackernews post | Archive

Details are a bit scarce at the moment. It's suspected this could be either cache poisoning or an XSS. Post updates as you find them/as they're revealed. Also get fucked wayback you kikes

People in the comments are pointing it out, but there's been no response:

They likely won't for a few hours, need to put a statement together while they start analysis on what happened

 

[KosherFarms.net]

View attachment 6504606
In my opinion it looks like IA has a downloading vulnerability and this clout chasing moron is abusing it to take the site down. Probably spamming download requests from a bot net.

This actually feels very similar to the DDOS that happened to us just a little bit ago. Josh had forgotten to put Kiwiflare on a hidden download page and someone was spamming requests from it to slow down the site. I feel very certain that is what's going on here.

 

[Vecr]

Everyone always needs to remember that Wayback has no backups. If someone decides to go on a deleting spree, that's it.

 

[The Repeated Meme]

This does not appear to affect archive.is (archive.today) archives.

 

[HahaYes]

A&H thread is here because I'm fucking blind and didn't check for it properly before posting, apologies.

If someone decides to go on a deleting spree, that's it.

If this isn't some script kiddie stealing emails to post on HIBP/whatever breach site they feel like and they do have the access to start obliterating content this is going to be unreal

This does not appear to affect archive.is (archive.today) archives.

Archive.is/today/md/ph/vn is a completely different entity to wayback, so naturally it wouldn't affect their archives

 

[Markass the Worst]

View attachment 6504606
In my opinion it looks like IA has a downloading vulnerability and this clout chasing moron is abusing it to take the site down. Probably spamming download requests from a bot net.

I was about to say "deserved" because IA censors their archives but then this faggot had to ruin it with his Israel sperging. How does IA have anything to do with the shit the US does? He should kill himself. I believe everybody involved in this story should die.

 

[Jimjamflimflam]

Boy, I sure do love it when they attack helpful sites that do no harm but leave all the bad sites up. Fuck, I hope they nail this guy's balls to wall. Getting so tired of these hacks on well-meaning sites.

 

[Sithis]

Boy, I sure do love it when they attack helpful sites that do no harm but leave all the bad sites up. Fuck, I hope they nail this guy's balls to wall. Getting so tired of these hacks on well-meaning sites.

TPTB as well as lawyerfags representing IP rights holders have been wanting IA to go down for a while now, I don't foresee them getting much traction on an investigation.

 

[Mike Matei's Penis]

My CHD formatted PS1 isos! And my RVZ formatted Gamecube isos! This is a war on storage space